Joomla Security - jos_
One of the few pieces of code that I can claim any credit for is the ability to define a database prefix to all the tables in your site and this dates back to the early days of Mambo around the end of 2003. The reason it was frst introduced was to allow site owners to install multiple version of Mambo on a single mysql database.
But now it serves a second purpose in "helping" to protect your site from some of the more common security hacks.
If you follow millw0rm or any of the other security sites you will have noticed that many of the exploits rely on your database tables being called jos_XXXXXX.
By simply using your own prefix you would have been protected from these exploits.
Of course none of this is a replacement for good server security (permissions etc) and good quality, and regularly maintained extensions but its a start.