Database users and security

Properly identifying database users allows to use database security and audit features.

To get the benefit of the database server security features, you should identify each physical user as a database user.

Some applications use a single database user for different end users, to avoid user management and connection issues in the database. This is not good practice because all user-related features of the database are unusable. Further, the single db user often has all database privileges and thus can lead in security issues.

According to the type of server, you must do this steps to create a database user:

1. Define the user as an operating system user.
2. Declare the user in the database server.
3. Grant database access privileges.

Each database server has its specific users management and data access privilege mechanisms. Check the vendor documentation for security features and make sure you can define the users, groups, and privileges in all database servers you want to use.