Is it safe to assume that the way to go to keep things as secure as possible is to have a dedicated server?

I am also using a shared host to build the site, and will migrate when I feel the build is up to snuff. So what can I be doing to keep the site secure in the mean time?