How current are the security patches on your SQL Server? If you don't keep abreast of the SQL Server security hotfixes that Microsoft publishes, you can be exposed to a significant security vulnerability and loss of data. Microsoft always rolls security patches into service packs, but it also releases them frequently between service packs.
How can you stay up-to-date? Here are two URLs that will help. The HotFix and Security Bulletin Service site (http://www.microsoft.com/technet/treeview/ default.asp?url=/technet/security/current.asp?productid=30&servicepackid=0) lets you quickly see all the security bulletins and patches relevant to any SQL Server version with any service pack. The Microsoft Security Notification Service (which you can register for at http://www.microsoft.com/technet/treeview/default.asp?url=/technet/ security/bulletin/notify.asp) will notify you when Microsoft releases security bulletins and patches for products such as SQL Server. Use this service to make sure hackers don't learn about the next SQL Server security hole before you do.