To secure the web app access to the database, I wanted to know is it best practice to allow the service account access execute permissions to all objects or is it more secure to limit the execute access to the needed objects? With limiting the access, what are the drawbacks? Is the only draw back that it could hinder the development team?
Who's responsibility would it be to oversee the stored procs access if execute to all object is not the right approach? Should it be the DBA or the software development team?
- This topic was modified 2 months ago by Neena.