On he technical side of any publicly accessible domains and websites it is important all the installations to be up to date. I is a good idea the websites to use SSL certificates. When it comes to privacy it is important what kind of data do the websites collect. Is it only cookies or it is also personal details through registrations and customer accounts.
As a hosting provider, you need to compartmentalize sites using cgroups(like cloudlinux).
As a siteowner,
- Keep website/plugins updated
- Use FTPS to upload files to your site
- HTTPS site for auth especially
- Change admin common login url if you can
- Dont use common/same passwords
- Hide showing error messages on page
- Disallow execute on upload folders
- Test for SQL/XSS injections