Firstly, if you're using a router with WPS, disable it immediately. It's awful in terms of security (even if you don't have physical access to the device). Secondly, use a strong password for your wireless network. Ideally, use properly configured 802.1X authentication, but that's going beyond the scope and knowledge level of most home users.
If you're that worried, put all wireless devices on a separate VLAN and lock it down, that way if access is gained to the network, the attack surface is reduced.