i would, lock everything down. starting with wpa2 with a really long random string, I would even change the wireless network SSID to a random string.
(part of the crypto use the ssid in the hash)
I would add, mac address auth, change all my DHCP settings. and even hide my network.
just to start, off the top of my head....