Argo Server implements security in three layers.
Firstly, you should enable transport layer security to ensure your data cannot be read in transit.
Secondly, you should enable an authentication mode to ensure that you do not run workflows from unknown users.
Finally, you should configure the argo-server role and role binding with the correct permissions.
You can achieve this by configuring the argo-server role (example with only read access (i.e. only get/list/watch verbs).