Build-cache-node account security

Hi, I’m investigating using the build-cache-node for a project. I’m looking into node security. As far as I understand it there is no way to configure account lockouts for any of the configurable accounts (e.g. administration UI and cache access). Am I overlooking something or does this sound accurate? Would this be possible if I were to use an identity provider via a Gradle Enterprise subscription?