The way to secure Jenkins is mentioned below :-
Ensure global security is on.
Ensure that Jenkins is integrated with company’s user directory with appropriate plugin.
Ensure that Matrix/Project matrix is enabled to fine tune access.
Automate the process of setting rights/privileges in Jenkins with custom version controlled script.
Limit physical access to Jenkins data/folders.
Periodically run security audits on same.
Explain how to create a backup and copy files in Jenkins?
To create a backup, all you need to do is to periodically back up your JENKINS_HOME directory. This contains all of your build jobs configurations, your slave node configurations, and your build history. To create a back-up of your Jenkins setup, just copy this directory. You can also copy a job directory to clone or replicate a job or rename the directory.