TCP isn't noticably more secure than UDP - the extra fields in TCP are unsigned and can be spoofed too. There are even a couple of attacks that only works with TCP, like source congestion. The only "security" TCP buys you is if you have a dynamic real-time alerting system for tcp sequence errors and similar likely to be seen in spoof attacks. You don't have such an alerting system.
Thus, security is implemented on top of the transport layer, where it works just as well for udp as tcp. The advantage of udp then is that you get more payload per encrypted or signed unit, thus higher speed.
That said, the main use of nfs is within secure perimeters, where speed and transparency is the main goal. In which case all you need is a honor system access control, designed to prevent users and apps from doing bad things no matter who they (say they) are. I.e. the focus is on what is shared, and what's allowed, not who you share it to.
Where Windows is very user focused in its trust based security model, Unix is very data focused.
A typical Windows share will allow any user to write and execute whatever they like. The users don't understand the "Advanced Security" properties anyhow, so implementing it will just lead to complaints. If a client is compromised, so is the share..
A typical Unix share will only allow users write and execute access to specific directories, no matter who they say they are. Remote root users typically get even less access, not for security but to prevent accidents. If a client is compromised, the shares should be safe.