You are managing a Kubernetes cluster for a financial institution that stores sensitive customer data. To ensure security compliance, you need to implement a secure method of managing and accessing secrets (such as API keys, passwords, and encryption keys) within the cluster. Your goal is to minimize the risk of unauthorized access to secrets, while ensuring that workloads can still function properly.Which approach would best secure Kubernetes secrets in this scenario?