Force users to use standard transactional logic, i.e. only run their authorised. No direct access to programs, function modules & all that good stuff. Ensure no one has the ability to debug & replace, or they can hobble most auth checks.
That should give you somewhere to start.
cheers
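One way to check roles against the advice in this post, as an added example that is not part of the original reply: the script below audits a role-authorization export for transactions that give direct access to programs or function modules (SE38/SA38 and SE37) and for the debug-with-replace authorization (S_DEVELOP with OBJTYPE DEBUG and ACTVT 02). It assumes the export is a CSV whose columns follow SAP's AGR_1251 table layout (AGR_NAME, OBJECT, FIELD, LOW, HIGH); the sample rows are constructed for illustration, not taken from any real system.

```python
"""Audit a role-authorization export for the risky access this post warns about.

Added example. Assumes a CSV export with AGR_1251-style columns
(AGR_NAME, OBJECT, FIELD, LOW, HIGH). Sample data below is constructed.
"""
import csv
import io

# Transactions that give direct access to programs / function modules:
# SE38 and SA38 run ABAP programs, SE37 executes function modules.
DIRECT_ACCESS_TCODES = {"SE38", "SA38", "SE37"}

# Constructed sample export (AGR_1251-style), not real system data.
SAMPLE_EXPORT = """AGR_NAME,OBJECT,FIELD,LOW,HIGH
Z_FINANCE_CLERK,S_TCODE,TCD,FB01,FB99
Z_FINANCE_CLERK,S_TCODE,TCD,SE38,
Z_BASIS_SUPPORT,S_TCODE,TCD,*,
Z_BASIS_SUPPORT,S_DEVELOP,OBJTYPE,DEBUG,
Z_BASIS_SUPPORT,S_DEVELOP,ACTVT,02,
Z_BASIS_SUPPORT,S_DEVELOP,ACTVT,03,
Z_REPORT_VIEWER,S_TCODE,TCD,ME23N,
Z_REPORT_VIEWER,S_DEVELOP,OBJTYPE,DEBUG,
Z_REPORT_VIEWER,S_DEVELOP,ACTVT,03,
"""


def tcode_matches(low, high, tcode):
    """Does an S_TCODE value (single value, '*' wildcard, prefix 'XX*' or LOW..HIGH range) cover tcode?"""
    if low == "*":
        return True
    if low.endswith("*"):
        return tcode.startswith(low[:-1])
    if high:
        return low <= tcode <= high
    return low == tcode


def parse_export(text):
    """Group authorization field values as {role: {object: {field: [(low, high), ...]}}}."""
    roles = {}
    for row in csv.DictReader(io.StringIO(text)):
        role = roles.setdefault(row["AGR_NAME"], {})
        obj = role.setdefault(row["OBJECT"], {})
        obj.setdefault(row["FIELD"], []).append((row["LOW"], row["HIGH"]))
    return roles


def audit_roles(text):
    """Return {role: [findings]} for roles that breach the rules in the post."""
    findings = {}
    for role, objects in parse_export(text).items():
        problems = []
        # Rule 1: no direct access to programs / function modules via S_TCODE.
        for low, high in objects.get("S_TCODE", {}).get("TCD", []):
            hits = sorted(t for t in DIRECT_ACCESS_TCODES if tcode_matches(low, high, t))
            if hits:
                problems.append("S_TCODE grants direct program/FM access: " + ", ".join(hits))
        # Rule 2: nobody gets debug with replace (S_DEVELOP OBJTYPE DEBUG, ACTVT 02).
        dev = objects.get("S_DEVELOP", {})
        objtypes = {low for low, _ in dev.get("OBJTYPE", [])}
        actvts = {low for low, _ in dev.get("ACTVT", [])}
        if ({"DEBUG", "*"} & objtypes) and ({"02", "*"} & actvts):
            problems.append("S_DEVELOP allows debug with replace (OBJTYPE DEBUG, ACTVT 02)")
        if problems:
            findings[role] = problems
    return findings


if __name__ == "__main__":
    for role, problems in audit_roles(SAMPLE_EXPORT).items():
        print(role)
        for p in problems:
            print("  -", p)
```

On the constructed sample, Z_FINANCE_CLERK is flagged for SE38, Z_BASIS_SUPPORT for the S_TCODE wildcard and for debug with replace, while Z_REPORT_VIEWER (display-only debug, ACTVT 03) passes. Point the reader at a real export by replacing SAMPLE_EXPORT with the file contents; the checks deliberately treat '*' in either OBJTYPE or ACTVT as a hit, since a wildcard there grants replace as well.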