Microsoft® SQL Server™ 2008 All-In-One Desk Reference For Dummies®
by Robert D. Schneider, Darril Gibson
VIII.3.4. What Can You Let Users Do?
Until this point, you've seen the type of objects that you can secure, and the types of users and roles that you can support. The next step in realizing your security vision is to decide who you want to work with your database, and then grant them the appropriate permissions.
VIII.3.4.1. Who gets to use the database?
Having seen all the configurable security options at your fingertips, you might be tempted to rush out, start setting up profiles and granting access to your database server. However, because no two enterprises will have the same security profile, it's worth taking a little more time and getting a better handle on exactly what you need to do for your own organization.
A great start is to figure out the types of users who you'll need to support. The next section lists some of the typical SQL Server user profiles that you're likely to encounter, in increasing order of responsibility. Your site might not have all of these functions; you might also have the same person handling multiple jobs, or you might be faced with additional roles and responsibilities. Nevertheless, use this handy list as a starting point:
Reporting user: This kind of user typically connects to your database via a third-party reporting tool and runs reports or other data analysis. Generally, you can safely restrict the ability to make changes to the database because reporting users are primarily interested in reading data, not altering it.
Application user: This ...
Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.
Read now
Unlock full access