If you are using strong encryption, then a techie can not decrypt it.
There is no way to prevent users from connecting via Query Analyzer or any similar query tool. What we do instead is only grant execute on stored procedures. We don't allow any direct table access as all data access is through stored procedures.
Tara Kizer
Microsoft MVP for Windows Server System - SQL Server
Ramblings of a DBA (My SQL Server Blog)[/url]
Subscribe to my blog