You are tasked with implementing secure endpoints for an Azure Databricks workspace. The workspace needs to be accessible from both public and private networks. Describe the steps you would take to ensure that the endpoints are secure, including the use of network security groups and virtual network injection.