As a developer security is a major concern in the elaboration of every website.

We recommend to every person or business who intend to collect user information, the acquisition of a SSL certificate.   The SSL certificate does not protect your site from hacking, but it encrypts the data.  This makes it way more difficult for hackers to access secured data.  They can see it, but not read it.

Also the SSL identify your site or company for users to know that you are who you say you are.  It gives you more credibility wit your customers.

The prices on SSL certificates ranges drastically.  And there are reasons for it.  You should get the one that is good for you and for your budget.

Another important thing is the security of your web host.  Unix like system, haves been the most secure so far.  This includes all Linux distributions.

But even when you have a reliable system for hosting, your hosting provider or administrator should be up-to date with patches and updates.

Most hosting companies do this for you, and you do not have to worry at all.  But if you own a dedicated server, or have an in house server, you will need someone watching for the security of your servers.

Also your applications that at one moment are secure, take the chance that with time, they could become less secure because of new ways to exploit the code.

Considering all of this, to invest on maintenance for your site, may not be a bad idea.

Another thing to consider is that the most valuable information running in your site is, the most chances on being hacked.  Usually small sites are not hacked other than injection of bad data.  Thanks God, we have many ways to void this from happenning.