Enterprise Manager - How secure is it?

I connect to my clients SQL databases via Enterprise Manager. Most of the time the SQL server resides at a web host. A colleague recently told me that this is a huge security hole and I should be using Remote Desktop instead.

I would appreciate other input, opinions, and guidance on this issue.Actually both have problems ... they should both have a secure layer, but none has it ...
You can secure your remote SQL server more by putting a firewall before it that will only allow connections on port 1433 (SQL Server port) coming from certain IP addresses|||Another way to make it more secure is to configure the DB as a named instance, and change the network port to the DB.. This can be done through Enterprise manager.