We thought of that, but didn't like the idea of assigning it to each table. We've since convinced the client that things are set up properly. That was after doing a web searching and finding the way we did it is considered best practice.
>The only other alternative I can think of is to allow SELECT/INSERT/UPDATE/DELETE access at object level. This way the whole DB will not have read/write access.
Craig Berntson
MCSD, Microsoft .Net MVP, Grape City Community Influencer