Your company has a Google Cloud project that utilizes BigQuery for its data warehousing needs. To ensure secure communication, a VPN tunnel is established between the on-premises environment and Google Cloud using Cloud VPN. Given recent security audits, the security team has raised concerns regarding potential data exfiltration by malicious insiders, compromised code, or accidental oversharing of sensitive information. What measures should the security team implement to address these concerns?