i have a MSSQL database server 2008, which is used and can be connected by my software developers for the development process. They all are using 'sa' account.
but i want to make one database where i can put my confidential info, and i want that database to be inaccessible to my developers.
how can i achieve that? Please describe me in steps so that i can follow easily.
NEVER give away sysadmin rights on a server. Neither should an application user have sysadmin rights, or an application run as sysadmin. These are horribly bad security practices
Developers at most should only have db_owner rights on the database(s) they are developing in.
If you are in a windows domain, use the following steps (elaborated from above)
1) In SQL Server Management Studio, create a new windows authenticated login on SQL Server from their Windows Login.
2) Under User Mappings, select the database they need to work in, and the db_owner role.