You can find more information on that topic here.

"With Databricks, your serverless workloads are protected by multiple layers of security. These security layers form the foundation of Databricks’ commitment to providing a secure and reliable environment for even the most sensitive workloads.

They include but are not limited to:

1. Dedicated compute resources
   1. Each workload runs on compute and encrypted storage that is dedicated to that workload
   2. Storage cannot be reallocated or reassigned after use 
   3. Both the compute and the storage are securely wiped as soon as the workload completes
2. Network segmentation
   1. Each workload operates within a private network with no public IP addresses assigned
   2. That network is isolated logically from other workloads
   3. Lateral movement or communication between workloads is blocked
   4. All traffic between the user, the control plane, the compute plane and cloud services is routed over the cloud provider’s global network, not the public internet
3. Encryption at rest and in transit
   1. All attached storage is protected by industry-standard AES-256 encryption
   2. All traffic between the user, the control plane, the compute plane and cloud services is encrypted with at least TLS 1.2
4. Principle of least privilege
   1. Workloads have no privileges or credentials for systems outside the scope of that workload
   2. Access to the data is via short-lived (1-hour) tokens
   3. These tokens are passed securely to each specific workload"