So, a question that should be asked is: How secure are your client connections? Here are a couple common misconceptions about SQL server client connections.
Misconception:Usernames & passwords (SQL or windows) are used to connect to SQL server databases, which means the client-server connection is secure.
Explanation
Usernames & passwords are used to control who has what level of permission (read/write/modify) to the data & database. By default, the information being transmitted is not encrypted.As John Martin shows in this article, it is relatively easy for someone with access to a network (wireless access point or LAN connection) to read the unencrypted data that is being sent between a SQL server and client.
