Don't. What you are doing is called string concatenation, and it is (as you have seen) dangerous.
Instead, use a parametrized query:
using (SqlConnection con = new SqlConnection(strConnect))
{
con.Open();
using (SqlCommand com = new SqlCommand("INSERT INTO myTable (myColumn1, myColumn2) VALUES (@ID, @NAME)", con))
{
com.Parameters.AddWithValue("@ID", row["id"]);
com.Parameters.AddWithValue("@NAME", row["Name"].ToString()).Trim());
com.ExecuteNonQuery();
}
}
This way you don't have to worry about the data content - it gets transfered with problems.