In MIcrosoft Graph Connectors, it should be possible to have item level security on the search results regardless of the connector and regardless of the connector authentication by mapping identities.
If I for example buy the connector for Google Drive from one of the vendors, which has a different authentication method, tenant admins should be able to map item level identities to microsoft identities, in order to show only the results they are entitled to see