The security challenge isn't with the tool, it's with permissions. If the Devs have an SA account, they'll be able to do lots of stuff whether they use SSMS or any other tool. Otoh, if you give them a SQL Server account with limited permissions, then they'll be limited whichever way they connect. This latter approach has the benefit of also applying to the sneaky type of Dev, such as one who might crack open a copy of MS-Access and attempt their own projects. Since their account is limited at the get-go, they'll never be able to do more than they're allowed.
Now, as for tools, there are lots to choose from. I work for a vendor, so take that with a grain of salt. However, David Stein is an independent blogger who's written a lot about various tools available for T-SQL programming with IntelliSense. His blog is at: http://www.made2mentor.com/.
I encourage you to check it out.
Hope this helps,
More content at http://KevinEKline.com