Really your only option here is to properly protect the server. You can use Encrypting File System (EFS) and encrypt the directories where the SQL Server data files reside (or you could go through the trouble of encrypting the files manually). If you go this route, make sure you plan it out carefully, including how to get the files decrypted by an account other than the service account running SQL Server. The issue is if I compromise the server, I will likely gain control of the account which serves as an escrow account for the purposes of decryption. At the very least, I have the ability to stop and restart SQL Server in single user mode and as an administrator of the server, SQL Server will automatically escalate me to sysadmin status as of SQL Server 2005. This is a "back door" that Microsoft built in because of so many folks locking themselves out of their SQL Servers in SQL Server 2000. Which is why I come back to: properly secure the server.
If you're on 2005 Transparent Database Encryption isn't an option. I *think* Windows file encryption is possible but I suspect it would really slow SQL Server down. Make sure access to the server is as restricted as possible. Check out the tools suppliers like Red Gate, Quest and Idera. One of them might offer something at a price. Personally I worry more about security of backups as they tend to go offsite. There are definitely 3rd party tools to encrypt backups. Those tools usually compress backups too which makes them much faster and provides another - admittedly thin - layer of protection as you need the tool to use the backup even if it's not encrypted.