I back up my blogs regularly using a free plugin WP DB Backup. I will always restore my website to the 13, if anything happens. I use WP Security Scan plugin to scan my site and WordPress Firewall to block requests that are suspicious-looking to repair hacked wordpress site.
I protect an access to important files on the site's server by placing an index.html file in the particular directory, that hides the files out of public view.
You must create a user, before you can delete the default admin account. To do this go to your WordPress Dashboard and click on User -> Create New User. Enter all of the information you will need to enter.
You may extend the plugin features with premium plugins like: Amazon S3 plugin, Members only plugin, DropShop etc.. I think you Discover More Here can use it for free and this plugin is a good option.
Do your homework and some searching, but if you are pressed for time and need to get this done once and for all, try out the WordPress security plugin that I This Site use. It is a relief to know that my website (and company!) are secure.