Be sure you understand <a href=”http://en.wikipedia.org/wiki/SQL_injection”>SQL injection</a> vulnerabilities. Ensure the system remains patched to the most current level. Limit management connections from your private network. Setup some type of monitoring to watch the system services and any attempts at exploiting weaknesses (not a trivial thing but a good idea).
You’ll want to setup port 1433 in the firewall to allow traffic from your networks public IP address(es) only. Otherwise people would be able to access the database from the Internet which will give them a way to break into your database. Having a database directly accessed from the Internet makes it a question of when someone will break in, not if someone will break in.
I would recommend setting up a VPN between the two sites so that the data between the sites is encrypted. This also gives the added benefit of not needing the SQL Server to be available from the Internet at all.
As for name resolution I’d recommend putting a DNS entry into your local DNS server pointing to the IP address which you need to access the SQL Server over. This way if you need to change the IP, you can simply update DNS without needing to reconfigure every one’s connection string.
Also I’d recommend using OLE instead of ODBC. OLE is slimmer and a little bit faster then ODBC.