This link will give you more information including selection process and auto scaling: https://learn.microsoft.com/en-us/azure/databricks/clusters/cluster-config-best-practices.
We use a python script that enables and removes access to tables based on role-group, but can be user as well. Also have a script that removes all access- can be executes in seconds.
Depends on what platform your Databricks is on. Example in Azure you just need to set up the service in a vlan and tie the vlan to your internal network- site to site VPN tunnel as am example.
