The CI of my team is taking longer and longer to run and I would like to improve the build time introducing a remote Gradle Build Cache Node. The problem is that the CI runs on GitHub Actions and the Cache Node will be hosted on AWS so, I guess, it must be publicly accessible over the internet to be visible by the GitHub Servers and the devs machines. But my company has some concerns about exposing the Build Cache Node to the internet due to possible intellectual property leaks or other security issues.
So, I would like to know if these are well-founded doubts or if it is safe an common practice to expose such service to the internet.