Assign the proper role to the Service Account in the projects IAM Policy

Assign the proper role to the Google Group in the projects IAM Policy

Create the project in a folder with the same name as the LDAP directory group

Grant each user the roles/iam.serviceAccountUser role on a service account that exists in the Google Group

Data is encrypted by default

Data is encrypted by Cloud Data Loss Prevention

Data is encrypted when appropriate tag is applied

Data is encrypted by the Security Command Center

By assigning IAM primitive roles to each employee

By applying least-privilege to roles for each employee

By creating a single shared service account for all departments

By mapping IAM roles to job functions for each department

Optimizing cost-management with a capital expenditure model

Built-in security when moving their data to the cloud

Optimizing cost-management with a capital expenditure model

Increased hardware capacity when moving their data to the cloud

SLA policy violation

Malware attack

Ransomware attack

Incomplete data input

Extend data retention policy lengths to at least seven years

Pay more to get the best security system available on the market

Wait for a more advanced security system to be released

Hire cybersecurity experts to further develop their data security plan

Comply with international standards for data security and privacy, because they supersede all regional regulations

Comply with regional data security regulations, because they're more complex than privacy standards

Comply with data security and privacy regulations in each geographical region

Comply with regional standards for data security and privacy, because they supersede all international regulations