602SQL Documentation Index  
    Up602SQL Server Administration Database Security Measures­>

Setting up the Database Security Policy

If a database is run without network access and only one person has access to the computer running the database, then there's no need to set up security policy.

However if the database is shared by more users, setting up the security policy is necessary.

Be sure to take these steps after creating user accounts in the database:

  1. Assign some user into the security administrator group.
  2. Assign one or more users into the configuration administrator group.
  3. Remove the anonymous user from the security, configuration and data administrator groups.

These further steps should be taken by a member security administrator group:

  1. A decision, whether connection to the database should be taken from a domain server login.
  2. A decision, whether the configuration administrators should have the privilege to assign users to the configuration administrator group.
  3. A decision, whether the configuration administrators should have the privilege to assign users to the usergroups.
  4. A decision, whether it's necessary to create a data administrator and assigning a user to this group.

Further security measures can be found in the Database security measures and in then SQL server administration.

    Up602SQL Server Administration Database Security Measures­>