By default NodeChef requires all clients to connect to the server using SSL and authenticate using a password. You can change your password from the dashboard if required.
A non super user is created and owns all databases you create. Your clients will connect to the database server using this user.
The database server after provisioning does not enforce any IP whitelisting rules by default. All clients can connect to the database and attempt to authenticate at this point. You can however enable access to specific IP addresses from the dashboard to prevent this.
To make changes to the default security settings, Navigate to the NodeChef task manager. Click on MSDB Actions → Access control.
For example, to whitelist an IP address, click on the Add Ip button and input the IPV4 address in the textbox. You can use the save changes button to update your changes.