Security Basics mailing list archives

Server setup file encryption


From: kreno <kreno () kreno be>
Date: Sun, 24 Dec 2006 15:19:54 +0100

Hello,
We are trying to find an elegant solution to the following problem:
Our web application needs to access highly sensitive data. Leaving the data unencrypted is unacceptable. Here is the setup: currently there are 2 boxes (we are not limited in hardware so if your solution involves more servers this would not be an issue), 1 MySQL database server and 1 Apache webserver (with sensitive data) both running Linux. Note that the sensitive data currently resides in files, but this could easily be migrated into a database structure. Now, the problem is to provide some security on the sensitive data in case the server (database or web) is compromised.
This could be an answer:

Encrypt all sensitive data on the webserver and store the key in the database. However, if the webserver is compromised then the MySQL authentication information is easily found and thus also access to the database and the keys to the encrypted files. But, our web application has improved its security because it can only show useful data when calling the appropriate decrypt routines. Meaning in case of vulnerabilities which might give access to the files only scrambled data would appear. Even more, there would only be a trace in the memory of the decrypted file. There is no need to decrypt and store the file on the disk. It seems the returning weak link in all our solutions appears to be the need of hard coded authentication information on our webserver in order to connect to our database, which opens the world. Are there any techniques available to secure our application/code/server/data?

My apologies if this was sent to the wrong list.

Kind regards,
Thomas.
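
The layout described in the message above, as an added example that is not part of the original post: ciphertext lives on the web box, the per-file key lives in the database, and plaintext exists only in memory. Assumptions: `sqlite3` stands in for the MySQL server, Fernet from the third-party `cryptography` package is an assumed choice of cipher, and the table and function names are hypothetical.

```python
import os
import sqlite3
import tempfile
from cryptography.fernet import Fernet, InvalidToken

def make_key_db():
    # Assumption: in-memory sqlite3 stands in for the separate MySQL key store.
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE file_keys (name TEXT PRIMARY KEY, key BLOB)")
    return db

def store_encrypted(db, directory, name, plaintext):
    """Encrypt with a fresh per-file key: ciphertext to disk, key to the DB."""
    key = Fernet.generate_key()
    path = os.path.join(directory, name + ".enc")
    with open(path, "wb") as fh:
        fh.write(Fernet(key).encrypt(plaintext))
    db.execute("INSERT INTO file_keys VALUES (?, ?)", (name, key))
    return path

def read_decrypted(db, directory, name):
    """Fetch the key over the DB connection and decrypt in memory only."""
    row = db.execute("SELECT key FROM file_keys WHERE name = ?", (name,)).fetchone()
    if row is None:
        raise KeyError(name)
    with open(os.path.join(directory, name + ".enc"), "rb") as fh:
        return Fernet(row[0]).decrypt(fh.read())  # plaintext never written to disk

def demo():
    secret = b"constructed sample record: account 0000, balance 42"
    db = make_key_db()
    with tempfile.TemporaryDirectory() as webroot:
        path = store_encrypted(db, webroot, "report", secret)
        with open(path, "rb") as fh:
            on_disk = fh.read()  # what a file-disclosure bug would expose
        via_app = read_decrypted(db, webroot, "report")
        try:
            # File access alone, without the key row from the database.
            Fernet(Fernet.generate_key()).decrypt(on_disk)
            wrong_key_decrypts = True
        except InvalidToken:
            wrong_key_decrypts = False
    return {
        "disk_leaks_plaintext": secret in on_disk,
        "app_reads_plaintext": via_app == secret,
        "wrong_key_decrypts": wrong_key_decrypts,
    }

if __name__ == "__main__":
    print(demo())
```

`read_decrypted` needs nothing beyond the database connection the web application already holds, which is the weak link the message identifies.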

