Since this is an Internet facing system. I suggest that you seriously look into changing the name of the Adminitrator account on the sytem to something unusual. This will prevent anyone from successfully attacking an account with a username of Administrator.
Be careful though! You may have programs or services that are tied to this account and may enocounter some er... shall we say opportunities.