The absolutely best way to ensure that it is secure is to unplug it, package it in a safe way and then bury it in the middle or a mountain. If you want to be able to use it the best way is to unplug the network cable.
But to be more realistic I think you want to be able to use it and have a network connection, probably a connection to the Internet. Then it becomes much harder. The most important is that you have to validate everything that goes into a database query to avoid database injection. Also you need a server that is configured perfectly, the best thing is to let a professional do that.
When it comes to encryption you have to understand the basics first. There are basically two ways to encrypt, encrypt the data to make it possible to restore or create a hashcode from it that makes it impossible to restore the data. If you encrypt the data then you need to store the key on another location, otherwise it is simple to get the key and decrypt it. If you create a hashcode then it is impossible to retrieve the data, but you can still check if it is the correct data that is inserted. This is most commonly used with passwords.
I hope that I have written all the basics here and that it makes sence. If not then I'm sure that someone will correct and add to what I have said.
