We have a SQL Server 2008 std on W2k8 Srv. SQL instance has about 20 separate databases, for access by our different clients with their own login creds. Our current security is that clients RDP into our LAN, everything inside our 192.x network. Our primary app is written in VB6 enterprise with connects to the SQL database.
If we move to Amazon AWS, it'll be like moving our existing SQL to public facing internet. We're also planing to move the VB6 App to the individual desktops of the clients, which effectively takes everyone off our network completely. The cloud.
We're asking for advice on finding the best, not too expensive, easy would be a plus, way to secure the public SQL box? Maybe our apps need some specific security programmed in APIs? Tokens? SSL? Tunnel? We already did the basics things like avoiding port 1433, and strong creds policies, etc, but these are weak. We're seeking direction to secure a public SQL Server.