FIX, the security
If they are making the changes via FIX screens, it's easy.
You can put security on the screen, so that only authorized users can access it.
If they need to see the screen, but you don't want them changing the data, you can set the security of the individual tags, and if the user who is logged in doesn't have the right rights, they can't open any data entry object to change that tag.
If your system doesn't have any security, you'll want to do some serious thinking before implementing it.
How many groups of users, and what should each have access to. Where the login buttons are going to be located. Perhaps a script so that when you log out, you go to the main page (otherwise, if a supervisonr logs out on a restricted screen, on some systems (and I cn't remember if this applies to FIX or not), the operator can continue to do things to the screen as if he were the supervisor.)
It's not hard, but, like all things, to do it well you need to plan ahead.