We have a web application (sales crm) that interfaces a MySQL database. We are now beginning the development for a offline client to be used on a laptop or netbook where no internet connection is available. We plan on using replication to sync the data between the server and client (and client to server) when a internet connection becomes available.

My question is what is the best security practice as far as securing the local copy of the database. The client will be running MS Windows XP (or Vista) and we will not have control over what OS security they have. Is there a way to encrypt the entire local database? Or is there a better method?

We're not highly concerned about professional hackers, but are concerned with employees that may want to take their data with them when the join the competition.

Any suggestions?