SQL Server 2008 Data Security - TDE: Transperent Data Encryption what you need to know
What kind of security features you adopt to protect your data?
Login security, permissions and unauthorised access to your data, there is more you can do with SQL Server 2008 new feature called TDE - Transperent Data Encryption that is provided automatically. Before that you need to know few things about TDE such as database encryption key that will enable database encryption key options to re-encrypt, server certificate that will be needed to set the encryption and for this by default VIEW DEFINITION permission is required. Now comes to using server assymmetric key that is security by an asymmetric key (bear in mind the current SQL 2008 CTP doesn't have this feature enabled). Using SSMS You can also regenerate database encryption and view the algorithm used within database encryption which is AES128.
Then next coming to precautions such as securing the database such as secure systems, encrypting data and also restricting physical media access from client machines. Within these best practices there is one to encrypt the sensitive data in the database and protect the keys that are used to encrypt the data with a certificate. This prevents anyone without the keys from using the data, but this kind of protection must be planned in advance. TDE performs realtime I/O encryption and decryption of data & log files, which is stored in database boot record with a secured certificate stored in master database. Encryption of the database file is performed at the page level within an encrypted database are encrypted before they are written to disk and decrypted when read into memory.
To know more about this and get hands-on practicality refer to http://blogs.technet.com/andrew/archive/2007/11/29/sql-server-2008-transparent-data-encryption.aspx this post.