Take a look at our doc on Hardening your PostgreSQL deployment.  We use these strategies internally and with our customers and it’s a great way to make sure you’re secure from top to bottom.

http://openscg.com/2013/04/security-hardening-postgresql/