Hey @Thierry_S
I've run into this question in the past. The customers have generally taken a tiered approach. Some data is generally available (non-sensitive), other data is available via password (more sensitive and requires training on approved use and storage), and finally putting JMP on a heavily locked down server/vm (most sensitive data - prevents removal from the source, controls access, and logs who is accessing).
The first two tiers are still going to allow save/export, but the third would do what you want but requires additional resources. So, it depends a ton on how many people are needing access to the highly sensitive data.