A security architect is implementing security measures in response to an external audit that found vulnerabilities in the corporate collaboration tool suite. The report identified the lack of any mechanism to provide confidentiality for electronic correspondence between users and between users and group mailboxes.
Which of the following controls would BEST mitigate the identified vulnerability?
A . Issue digital certificates to all users, including owners of group mailboxes, and enable S/MIME
B . Federate with an existing PKI provider, and reject all non-signed emails
C . Implement two-factor email authentication, and require users to hash all email messages upon receipt
D . Provide digital certificates to all systems, and eliminate the user group or shared mailboxes