VIII.3.4. What Can You Let Users Do?
Until this point, you've seen the type of objects that you can secure, and the types of users and roles that you can support. The next step in realizing your security vision is to decide who you want to work with your database, and then grant them the appropriate permissions.
VIII.3.4.1. Who gets to use the database?
Having seen all the configurable security options at your fingertips, you might be tempted to rush out, start setting up profiles and granting access to your database server. However, because no two enterprises will have the same security profile, it's worth taking a little more time and getting a better handle on exactly what you need to do for your own organization.
A great start is to figure out the types of users who you'll need to support. The next section lists some of the typical SQL Server user profiles that you're likely to encounter, in increasing order of responsibility. Your site might not have all of these functions; you might also have the same person handling multiple jobs, or you might be faced with additional roles and responsibilities. Nevertheless, use this handy list as a starting point:
Reporting user: This kind of user typically connects to your database via a third-party reporting tool and runs reports or other data analysis. Generally, you can safely restrict the ability to make changes to the database because reporting users are primarily interested in reading data, not altering it.
Application user: This ...
Get Microsoft® SQL Server™ 2008 All-In-One Desk Reference For Dummies® now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
