Security of you data requires taking quite a number of factors into consideration, some that pop up to mind are:
1. Encryption of data in the DB.
2. Transport layer encryption.
3. Username & Password protection, strength and encryption/hashing.
4. SQL Injection and other data level ditch-holes.
See a quick review on
Securing SQL Server [
^]
Good luck,
Edo