Database Security is most important to every organisation with any elevated access should be disabled to product the database.
Below script is quick check to understand the User and its database roles in specific database. Make sure to grant or revoke appropriate database level access to end users/Group. Keep checking/auditing the role regularly.
USE [Your Database];
SELECT u.[name] AS [UserName], r.[name] AS RoleName
FROM sys.database_principals u
JOIN sys.database_role_members drm ON u.principal_id = drm.member_principal_id
JOIN sys.database_principals r ON drm.role_principal_id = r.principal_id
where u.[name] = 'dbo' OR u.[name] = 'db_owner'
Image from Microsoft