Windows Azure SQL Database has two types of access control: SQL Authentication and a server-side firewall that restricts access by IP address. Along with access control SQL Database always maintains a secure connection to your database via SQL Server’s protocol encryption. Transparent Data Encryption (TDE) is not supported by this release of SQL Database, you can implement custom encryptions on the application level.
SQL Database only supports the tabular data stream (TDS) protocol, which is accessible via port 1433 and via the TCP connections. For more information on SQL Database data access, see Windows Azure SQL Database Firewall.
SQL Database firewall lets you allow or prevent connections from various sources to specific IP addresses or ranges. The SQL Database firewall can be managed via Database Manager or directly in the master database with the provided stored procedures. For more information, see Windows Azure SQL Database Firewall.
As with any implementation of SQL Server, user account management must be tightly controlled. SQL Database only supports SQL Server authentication. User accounts with strong passwords and configured with specific rights should be used as well to complement your data security model. For more information, see Windows Azure SQL Database SQL Authentication.
SQL Database only supports encrypted connections. All communication between SQL Database and client applications/tools require SSL. For more information, see Windows Azure SQL Database Connection Encryption.
In addition, take a look at the Windows Azure SQL Database Connection Security article to learn more about how to secure connection strings and the best security practices when working with SQL Database.
Because SQL Database supports TDS, this means you can for the most part connect and interact with the database just like you have always done. Taking advantage of ADO.NET encryption and trusted server certificates is definitely worth considering, especially when accessing your SQL Database from outside the cloud.