Granular refers to auditing. Do you need to track the specific user that did the CRUD call, and what did they do? Some companies want to track this, other times is mandated by law (HIPAA for example).

>As far as the one account I assume that means that what they've done in the past is simply create one SQL Server account for an entire application - so your connection string to the SQL Server backend would always be the same username/password no matter what user is logged in. As for the "granular" comment I can't even come up with a good guess - other than perhaps they don't use English properly..ha