Securing ASP.Net user database

I'm working on the web app which will be hosted on the client's server.

There are various restrictions/security measures in place and I'm concerned that these can be "hacked" because the client will have a direct access to the ASP.Net user database through the SSMS.

I can think of few ways to stop the user from doing this, but I'm interested to find out whether there are any speci开发者_JS百科fic standards that I should follow?

If the client has direct administrative access to the database, there's not much you can do. If these are the client's login details - why is this then a problem?