To protect the database itself from unauthorized access, you should define logins only for those users who need access to the database. Remove any logins that are not needed. In addition, you can prevent the Windows administrators from being able to access the database by removing the login for BUILTIN/Administrators. However, before doing so, make sure that appropriate logins exist for the database users (for example, <sapsid>adm and SAPService<SAPSID>) and that they work properly.