Magento has the largest market share in the ecommerce software industry which makes it a target for hackers. The Shoplift exploit exposed earlier this year affected thousands of Magento stores. Magento released security patches to combat the breach however more can be done to ensure increased security.
Our friends over at Cloudways wrote an excellent blog post detailing the individual steps you can take to protect your Magento store.
TIP# 1: Use the latest Magento version TIP# 2: Use two-factor authentication TIP# 3: Set a custom path for the admin panel TIP# 4: Acquire encrypted connection (SSL/HTTPS) TIP# 5: Use Secure FTP TIP# 6: Have an active backup plan TIP# 7: Disable directory indexing TIP# 8: Be wise with your Magento password TIP# 9: Eliminate e-mail loopholes TIP# 10: Invest in a sound hosting plan TIP# 11: Prevent MySQL injection TIP# 12: Get a Magento security review done TIP# 13: Get in touch with the Magento Community