Backing up your blog regularly helps in securing from fix wordpress malware hackers. You have to keep a copy of your files hide away in backup system that you can be confident of your database. This makes you a protected files that serves you in times of down is the machine. Hackers are less likely to slip from a bonded visit the site back up system.
Use strong passwords - Do what you can to use a password, alpha-numeric, with upper and lower case and special characters. Easy to remember passwords are easy to guess!
One step you can take is to delete the default administrator account. This is critical because if you do not do it, malicious user know a user name which they could attempt to crack.
You may extend the plugin features with premium plugins like: Amazon S3 plugin, Members only plugin, DropShop etc.. I think this plugin is a fantastic option and you can use it.
These are only some of the things I do to protect my blogs. Thing is that they don't require much time to do. These are also easy solutions, which can be done.