Can an MCP server be legitimately secured? Asking out of curiousity