August 19, 2004

I have a combined IWP and FM7 client solution for scheduling and resource usage tracking. I am not using FM Server now since I want to use IWP and Server Advanced isn't out. (Also I have a small group of users... 3 different resources that each require a FM client and about 80-100 total users that must schedule their usage over the web.) The 5-session limit isn't really a problem since scheduling time is fast and I put a 1-minute idle timeout in the prefs.

What I am doing is disallowing access by the full access account over web or fmnet using extended privileges. I figure then even if someone gets another password, they can't change the structure and can only do what I allow other users to do.

Also, I disable the status area for web users with the get(applicationversion) in the startup script. Has anyone been able to cause this to break (showing the status area to users who aren't supposed to see it)?

One possible hole that I have is that I have one other privilege set that can manage extended privileges, allowing the full access account network access. I left this in there just in case I want to tweak something remotely. So a hacker would have to get the password for this account and the full access password to do any real damage.

Since the university firewall has blocked access to that port from outside, the only outside risk would be someone tunneling in through ssh and redirecting a port, or getting in through the VPN (having access to a university account).

Does anyone see a major hole in this plan? Any suggestions? How does one go about finding someone who checks for security (a consultant)?

Thanks,
Dana