You are working for a bank that has strict data governance requirements and you recently implemented a custom machine learning model to detect fraudulent transactions. As part of this implementation, your training code needs to download internal data via an API endpoint hosted within your project’s network. Considering the need for secure access to this internal data while also mitigating the risk of data exfiltration, what approach should you take?