Microsoft has a great site on configuring your SQL Server for high security or regulatory compliance.
Microsoft SQL Server 2008 is a secure and reliable platform for protecting data and for building compliance solutions. Conforming to regulatory legislation often impacts how data is stored and how it is accessed. SQL Server® 2008 provides the capabilities to address organizational needs around regulations such as HIPAA, SOX and PCI.
Whether dealing with separation of duties, key management or auditing and reporting, SQL Server 2008 provides the support needed to meet these demands.
Top New Features
- Increased ability to protect encryption keys
- Granular auditing capabilities
- Define, deploy and validate configuration policies destined for your databases
PCI Audit Results
SQL Server can help you comply with PCI compliance needs. Certified audit firm, Parente Randolph, evaluated SQL Server for PCI compliance and provides guidance to customers on passing PCI audits in a detailed whitepaper and informative webcast.
- Download the whitepaper
- View the webcast
<snip>
Read the rest @> SQL Server 2008 Compliance | Microsoft