No they are not. Is it because I'm using Microsoft SQL Server Management Studio. The way I do my test is that I created a new Windows Account, log to the Management Studio and delete a table, delete a database. This user doesn't exist in the SQL Database at all and I'm able to do everithing I want. This is not good security.
Thanks for the Hint. I try with an account that was Domain Admin. I didn't knew that connecting to SQL Server with Domain Admin Account give you all the rights. I try with regular user and they can't access my DB. So for this, it is fine but if one of they other Domain Admin in the office wants to screw up the database, he can. It's scary even if I don't thing others will try it.
Although they have pretty blue eyes we don't leave it to chance that the domain admins or local admins (intentionally or unintentionally) mess up our servers. So we remove the login "BUILTIN\Administrators".
Before you do this just make sure you've still got access to SQL Server after you do this. Ofcourse you never log in with "sa" (and have the password safely stored for future reference) so add your own account to the logins and give it the sysadmin server role.