A systems administrator is informed that a database server containing PHI and PII is unencrypted. The environment does not support VM encryption, nor does it have a key management system. The server needs to be able to be rebooted for patching without manual intervention.
Which of the following will BEST resolve this issue?
A . Ensure all database queries are encrypted
B . Create an IPSec tunnel between the database server and its clients
C . Enable protocol encryption between the storage and the hypervisor
D . Enable volume encryption on the storage
E . Enable OS encryption