If you are worried about leaving Umbraco's Distributed Calling and Web Services exposed, here is a little tip you can implement to secure your installation more. Create a web.config file in each of your server's web services folder and add an IP restriction rule to only allow certain addresses. For example, local servers only. Try adding the below web.config file to your /umbraco/webservices/ folder and amending the authorised IP list to your local servers only. The only caveat to this solution is that you will need the Url Rewrite module installed onto your IIS instance. Windows Azure has this preinstalled for Web Sites.