The reason is that :
1. I wish to run multiple databases on a single server.
To do this securely each login must be granted db_owner on the database so we can use "deny view any database" to hide the other databases from view. (login can see all databases they are owner of however).
2. This creates a problem. We do not wish the users to be able to create backups even though they are db_owners.
It's here that I am having difficulties.