I have a client who is concerned with someone breaking in to their office and stealing their server and then being able to get access to the data. The server uses Active Directory and a SQL database. The database by software design uses authentication access.
I know there are tools that allow someone to reset the password to the domain administrator, etc.. and then get to the data.
Is there any good way to reduce this risk in the case of someone stealing the server?
If yes, does it take a big performance hit in regards to disk i/o?