Web security

Simple question:

I have a customer with ERP 5.

I have a project to create a couple of webpages in Webdynpro JAVA to give access to some vendors (through the web).

Considering we have ABAP Java stack installed, my question is around security. Of course the transaction will demand a authentication (SAP Logon), but will it be enough? From a security point of view, what should I do to keep my system protected?

Thanks

Leonardo De Araujo