Whether you're new to using Joolma or just need a refresher on the security side of setting it up, you might want to check out this new post on the ProThemer.com blog about locking down your Joomla site.
It is a safe assumption when you first discovered Joomla, the last thing on your mind was how to handle security on your new website. I know it was for me. [...] By itself Joomla is a very secure CMS that sometime get’s a bad reputation.
He suggest two components to install to help harden your installation - ConfigServer and RSFirewall - both provide some extra security features on top of the base ones that come with the application. The second (RSFirewall) is a bit simpler than the first and might be a better starting place if you're not used to thinking about application security.