Improve security by restricting the EFS mount

noexec: Do not permit direct execution of any binaries on the mounted filesystem.
nodev: Do not interpret character or block special devices on the file system.
nosuid: Do not honor set-user-ID and set-group-ID bits or file capabilities when executing programs from this filesystem.