In this release of Enterprise Server, the security features are designed to address a particular "threat model". A threat model is a description of the kinds of unauthorized actions the system has to protect against. Security issues that don't fall under the threat model have to be addressed outside Enterprise Server, using features such as operating system security, corporate policies, etc.
The current Enterprise Server threat model trusts the applications that run on your enterprise server, and assumes the system is reliable. The threats it addresses are attempts to impersonate legitimate users, and legitimate users making illegal requests to access or modify resources or features.
With subsequent releases, the available features will be expanded to address other threats.