First of all, I think the security risk of instant file initialization is a bit misunderstood. Let me try to explain how it works.
On a single instance server, any members of sysadmin may use DBCC PAGE to retrieve raw data which has not been erased. This may be an issue if the server has been reused for other purposes, without wiping the disks, or if a volume holding your data pages has been extended from a shared storage. Note though, the data in this instance is not at risk, it is the data which used to be stored on the same location which is at risk.
On a multi instnace server, it is the same. But in addition, data from a different instance may be at risk as well, as there may be different members of sysadmin on the two instances.
If you have a group of SQL Server sysadmins which controls ALL your SQL Servers, and you don't share storage array with anyone else, I'd say there is no security risk. Otherwise, I'd actually not be very concerned about the secure servers, they're just fine. The problem is the servers with looser security, where syadmins on this server potentially may reveal data which used to be stored on the more secure servers.
I hope this explanation is satisfactory.
Ole Kristian Velstadbråten Bangås - Virinco
Concatenating Row Values in Transact-SQL[/url]