Hi,
This is a very well concern for a provider and Customer as CE-PE connectivity is the connection between two different entities. But when we talk about the CE-PE connection what all we can prevent:
1. Securing BGP neighbor ship with enabling password
2. Preventing Excessive Route flooding
3. Securing the date over an MPLS VPN network
For detail on these refer the below document:
http://www.cisco.com/c/en/us/td/docs/solutions/Enterprise/WAN_and_MAN/L3VPNCon.html#wp309784
Hope it answers your query.
Thanks & Regards
Sandeep