Encryption is the only possibility. If you are concerned about the security, once you send data on the wire, it is vulnerable, so it must be encrypted at the client.
Also, no matter what you do, if you drop all the data in unencrpyted form in the db, it is vulnerable. No RDBMS product is designed to "protect" this data from the sa. I even have a stored proc to decrypt stored procedure that are encrypted.
Steve Jones
steve@dkranch.net