Security of the Spark Cloud

Good question @rpiswag and thanks for the ping @Moors7.

The word “security” covers lots of areas of Spark’s stack and infrastructure, and I won’t go into them all here. However, the specific concern you’re talking about—an intruder gaining root access to a server—is first of all only possible through ports that are open to the outside. All Spark servers are completely closed to the outside except for the bare minimum of whitelisted ports.

SSH (the typical way such an intruder gets in, by guessing a password) is not open to the outside world at all. Just a few of the many industry-standard practices we use to prevent unauthorized SSH access:

  • The only entry point to the cloud is through a Bastion Host
  • Password authorization is not allowed
  • Only very few users are even allowed to SSH into the cloud
  • All of those users get seriously trained on best practices in key management

Even better, we can spin up an entire cloud of many interacting servers with a single command. If there were ever even the slightest hint of unauthorized access, we would simply destroy the cloud and rebuild it in a few seconds. :wink: (Actually we do this all the time in development.)

At Spark we have been deeply concerned about security from the very beginning. You should rest assured we’ve got you covered.

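The SSH practices listed in the post above (no password logins, only a few users allowed in) can be checked mechanically. The following is an added example, not part of the original post and not Spark's own tooling: it assumes the servers run OpenSSH and audits `sshd_config` text, with constructed sample configs and hypothetical user names.

```python
import re

# OpenSSH defaults that apply when a keyword is absent from sshd_config.
DEFAULTS = {"passwordauthentication": "yes", "kbdinteractiveauthentication": "yes"}
ALIASES = {"challengeresponseauthentication": "kbdinteractiveauthentication"}

def parse_sshd_config(text):
    """Split a config into scopes: the global section, then one per Match block."""
    scopes = [("global", {})]
    for raw in text.splitlines():
        m = re.match(r"\s*([A-Za-z]+)[\s=]+(.*\S)", raw)
        if not m:  # blank line, comment, or keyword without a value
            continue
        key = ALIASES.get(m.group(1).lower(), m.group(1).lower())
        if key == "match":
            scopes.append((m.group(2), {}))
        else:  # sshd keeps the first value it reads for each keyword
            scopes[-1][1].setdefault(key, m.group(2).strip('"'))
    return scopes

def audit(text):
    """Return findings where the config departs from the practices listed in the post."""
    findings = []
    (_, glob), *matches = parse_sshd_config(text)
    for key, default in DEFAULTS.items():
        if glob.get(key, default).lower() != "no":
            findings.append(f"global: {key} is not 'no'")
    if "allowusers" not in glob and "allowgroups" not in glob:
        findings.append("global: no AllowUsers/AllowGroups allowlist")
    for cond, settings in matches:
        for key in DEFAULTS:
            if settings.get(key, "no").lower() != "no":
                findings.append(f"Match {cond}: {key} re-enabled")
    return findings

# Constructed samples (not real Spark configuration); user names are hypothetical.
WEAK = """
PasswordAuthentication yes
PasswordAuthentication no
Match Address 10.0.0.0/8
    PasswordAuthentication yes
"""
HARDENED = """
PasswordAuthentication no
ChallengeResponseAuthentication no
AllowUsers alice bob
"""

if __name__ == "__main__":
    print(audit(WEAK), audit(HARDENED))
```

The weak sample shows why the parser tracks the first occurrence of a keyword: the later `PasswordAuthentication no` line has no effect, and a `Match` block can re-enable passwords for a subset of clients.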