Try to avoid unauthorized access to the Server. Keep Updated all scripts, themes and Plugins. Use complex passwords. Schedule a scan on the Server for malware checks. Avoid 777 permissions to any folder.
I'd also recommend using two-factor authentication in your hosting control panel and site admin. Or even a Universal Second Factor dongle (USB key), which I believe Google will be announcing a new range of shortly.
Having a password manager also makes the use of complex passwords relatively simple and easy.