In addition to object and statement permissions, you can combine various components within SQL Server to facilitate administration and provide improved security. Following is a list of suggested security strategies:
Role-based security management
Views for data security
Stored procedures for data security
Triggers for audit trails
In the corporate environment, users often work in groups. People in these groups require similar permissions to the database. Whenever multiple users require similar permissions, you should use role-based security. With role-based security, you reduce the number of GRANT, REVOKE, and DENY statements that must be maintained.
Before diving headfirst ...