An IT company has a big data analytics application that is deployed in EC2 in multiple availability zones. These EC2 instances simultaneously access a shared Amazon EFS file system using a traditional file permissions model. A recent internal security audit has found that there is a potential security risk as the EFS file system is not encrypted for either at rest or in transit. What actions could be taken to address the potential security threat posed by non-encryption of the EFS volume?