Encrypt your wallet using the bitcoin client, and back up the wallet.dat EVERY time you create a new receive address.
Assuming you are talking about the Bitcoin-Qt wallet, this is a bit excessive if you generate receive addresses regularly, and isn't good enough if you send a lot of transactions and don't generate many new receive addresses. Note that every time you send a transaction the Bitcoin-Qt client uses a new address.
Don't forget that if you ever backed up your wallet before and it wasn't encrypted, you should probably send all the coins to a new wallet and encrypt/back it up. This way a copy laying around unencrypted can't ever be found and 'picked up' by a malicious program.
This isn't generally necessary as long as you don't re-use any of the receive addresses you generated prior to encrypting. It wouldn't be a bad idea to generate a new receive address after encrypting and send your entire balance to the new receive address though.