Your company stores highly sensitive data in Google Cloud Storage buckets, and data analysts have Identity Access Management (IAM) permissions to read from these buckets. To ensure security, you want to prevent data analysts from accessing the data in these buckets when they are not connected to the company's office network. How should you configure your Google Cloud environment to meet this requirement?