.NET Connector and security

Hello,

We suspect that some "smart" users/developers outside the IT department could use the .NET platform to create some unauthorized web applications in order to publish or to permit access to datas contained in our SAP system.

Is this possible? If yes, is there a way to prevent them from connecting?

Please note that those developers can be real SAP users with a valid username/passowrd but they never own an SAP developement key 😉

Thanks.