Few things you need to ensure:
- Configure the SQL Server to listen to TCP/IP traffic
- Ensure that the firewalls are not blocking the traffic (Windows or other)
- Ensure that a secure communication is used, in other words VPN or similar. Otherwise the server easily becomes vulnerable to outside attacks.
- Ensure that you use complex enough passwords if using SQL Server authentication
To configure SQL Server, see
Configure a Server to Listen on a Specific TCP Port (SQL Server Configuration Manager)[
^]
To configure Windows firewall see
Configure a Windows Firewall for Database Engine Access[
^]