i can protect DB by puting password through enterprise manager.. but if my client attach hard disk to anoth PC and copy the database files then he can open it anywhere he wants, cant these files be password protected ???
The database files are locked by the sqlserver process so there little option to get to the data unless a user has permissions to stop and start services ie an windows administrator.
You could enforce alternative NT permissions on the directory where the data files are stored but still an adminsitrator could change the permissions and carry on as above.
You could encrypt your file system to prevent theft of the hardware and data extraction through that method.
If you truly want to prevent the client from escaping with the data, then you will need to keep the database on a server that you can control.
What exactly would the client be escaping with? The SQL Code and schema? Granted, that is yours and properly so. However, the data belongs to the client.
Grant's suggestion is very useful, if you upgrade to SQL 2008. But with the Server being at the client, they can still pump the data and schema out of it if they have an admin account on the box and access to sql server (they can easily disable TDE, pump the data and schema out and then turn it back on).
No one has followed this question yet.