To protect the database itself from unauthorized access, you should define logins only for those users who need access to the database. Remove any logins that are not needed. In addition, you can prevent the Windows administrators from being able to access the database by removing the login for BUILTIN/Administrators
. However, before doing so, make sure that appropriate logins exist for the database users (for example, <sapsid>adm
and SAPService<SAPSID>
) and that they work properly.
Caution
Do not delete all logins. If you do, you cannot access the SQL Server anymore.
For more information about how to encrypt the data traffic between the SAP application and the SQL Server database, see the following documentation: