In my opinion, the best way to make sure that your secure your wordpress website that is is through using a WordPress backup plugin. This is a fairly inexpensive, elegant and easy to use way to make sure that your website is available to you in the event of a disaster.
I protect an access to important files on the blog's server by placing an index.html file in the particular directory, that hides the files out of public view.
I don't think there's a person out there that after learning just how much of a problem WordPress hacking is that it is a good idea. But something I've noticed over the years is that when it comes to securing their blogs, bloggers seem to be stuck in this reactive state.
You could get an SSL Encyption Security for your WordPress blogs. The SSL Security makes encrypted and secure communications with your blog. You can also keep history of communication and the all the cookies so that all transactions are check out here recorded. Make sure that all your blogs get SSL security for utmost protection.
The plugin should be updated have WordPress, play nice with of your plugins and to stay current with the latest WordPress release and restore capabilities. The ability to clone your website (along with regular backups) can be useful if you ever want to do an offline website redesign, among other things.