How can you ensure, with the least amount of effort, that users can only read data from the database?