• Please Add to These SOHO Best Security Practices?


    #1994525

    My SOHO-sized company now needs to distribute this. Please add to it? Thank you! 🙂

    __company name__ Small Office-Home Office (SOHO) Best Security Practices and Guidelines Summary

    As a friend of __company name__ or an advisor, ambassador or contractor, we suggest that you observe this summary of guidelines about securing your sensitive computer and mobile data. If you’re not an expert about these things, please request the help of qualified, expert computer security people about it all.

    1.) Subscribe to and use an automatically-updated Internet security software suite which covers all your computers, your mobile devices (smartphones, laptops, tablets), your local network, and your network’s points of access such as its printers. If you transfer lots of sensitive data which need advanced security then we suggest that you consider adding a managed hardware firewall appliance in addition to your Internet security software.

    2.) Software and hardware are “leaky”. Ensure that all your computing devices are automatically and regularly updated with their manufacturer’s and software publisher’s security patches.

    3.) Never send sensitive data via unsecured e-mail. Sending sensitive data via unsecured e-mail is like sending them via postcard. Only it’s worse than that: automated network-sniffing software can and does intercept everything you send. It’s mostly good guys who do this. But why take chances? Use encrypted e-mail for all sensitive data.

    4.) Use a password and on-line credentials management utility for all your computers and mobile devices. The utility must make it easy and smooth for you to use its automatically-generated, account-specific passwords for specific accounts. It must automatically fill on-line forms, or even forms local to your computer’s operating system, each time you use a specific account.

    Never use the same password twice for any reason. Use only one randomly-generated password for each account which is never used a second time on any other account. Change your passwords every so often when sensitive data are involved behind your credentials. Although many people do so, we recommend against uploading your log-in credentials to any cloud or company account. We prefer our own, local copies in our complete control, backed up in multiple, off-line locations.

    Disable every other form of password credentials management on your computers and mobile devices, especially those in your Internet browser(s). Encryption using 256-bit AES security is our preferred baseline.

    5.) Always have automatically-generated back-ups of all your data. You can use hard drives on your own network. Two local, identical back-ups on different drives, with the same data, using two different types of back-up software are not too many. We prefer to add cloud service back-up in case you’re unexpectedly parted from your hard drives. How often should you back-up your data? Answer that by asking yourself how much of it you can afford to lose.

    6.) Start using reliable virtual private network (VPN) software on all your mobile devices whenever they are outside your home, secured network — and connected to a public, unsecured network. Never send sensitive data (credit card numbers, driver’s license, social security numbers) across an unsecured public network like those in java joints or restaurants. Use your software VPN.

    7.) Store sensitive data on your local devices only when they’re encrypted. Bank account numbers, driver’s licenses and the like are easy to scan via sniffing software.

    8.) Harden your local network. Check and see if your gateway/router/modem is using network address translation (NAT) and that it has at least some sort of configurable firewall. Never ever accept only your internet service provider’s word about how to secure and transport your data. Their service for you is primarily about sending your data, not securing it.

    9.) Create your own little disaster recovery plan for ‘bare metal’ recovery and secured, live use of your data. Test it before anything actually happens.

    10.) Have a trustworthy computer expert try and break into your network and report their results to you.

    11.) Shredding isn’t just for surfers and skateboarders. Get and use a proper paper-shredder for all sensitive documents.

    12.) When you upgrade your equipment use secure-erase software which safely wipes your old data.

    Human, who sports only naturally-occurring DNA ~ oneironaut ~ broadcaster

    • This topic was modified 5 years, 7 months ago by Mr. Austin.
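    Item 5 above asks for two identical local back-ups on different drives and leaves open how you know they actually match. The script below is an added example (not part of the original post or of any product the list refers to) that walks two back-up trees, hashes every file with SHA-256 and reports files missing from either side or differing in content, which is the check a silent disk corruption or a half-finished copy would otherwise slip past. The two trees it builds under a temporary directory are constructed sample data; point compare_backups() at your real back-up roots instead.

```python
from __future__ import annotations

import hashlib
import tempfile
from pathlib import Path


def hash_tree(root: Path) -> dict[str, str]:
    """Map each regular file under root (path relative to root) to its SHA-256 hex digest."""
    digests: dict[str, str] = {}
    for path in sorted(root.rglob("*")):
        if not path.is_file():
            continue
        h = hashlib.sha256()
        with path.open("rb") as f:
            # Read in 64 KiB chunks so large back-up files do not have to fit in memory.
            for chunk in iter(lambda: f.read(1 << 16), b""):
                h.update(chunk)
        digests[path.relative_to(root).as_posix()] = h.hexdigest()
    return digests


def compare_backups(primary: Path, secondary: Path) -> dict[str, list[str]]:
    """Report files that exist on only one side, or on both sides with different content."""
    a, b = hash_tree(primary), hash_tree(secondary)
    return {
        "missing_in_secondary": sorted(set(a) - set(b)),
        "missing_in_primary": sorted(set(b) - set(a)),
        "content_mismatch": sorted(p for p in set(a) & set(b) if a[p] != b[p]),
    }


def demo() -> dict[str, list[str]]:
    """Build two constructed back-up trees (sample data, not real files) and compare them."""
    with tempfile.TemporaryDirectory() as tmp:
        primary = Path(tmp) / "backup_a"
        secondary = Path(tmp) / "backup_b"
        for root in (primary, secondary):
            (root / "ledger").mkdir(parents=True)
            (root / "ledger" / "2023.csv").write_text("acct,amount\n1,100\n")
            (root / "contracts.txt").write_text("signed\n")
        # Simulate the two failure modes the check is meant to catch:
        (secondary / "contracts.txt").write_text("signed\x00\x00\n")  # silent corruption on drive B
        (primary / "customers.csv").write_text("name,email\n")        # file never copied to drive B
        return compare_backups(primary, secondary)


if __name__ == "__main__":
    for kind, files in demo().items():
        print(f"{kind}: {files or 'none'}")
```

    A clean pair of back-ups returns three empty lists; anything else names the exact files to re-copy. Run it after each back-up job (or from a scheduled task) rather than only when you need to restore.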
    • #1996211

      OK, there was an underwhelming response to this post. 😉 I would mention that my strategies had been unexpectedly tested in California’s Superior Court in a labyrinthine case involving the theft and illicit sale of a former client’s confidential customer list. When the client’s company employee sold a paper copy of the customer list, one of the first questions the judge asked was, “What about their computer network?” My strategies and records were called to attention and easily passed muster.

      Human, who sports only naturally-occurring DNA ~ oneironaut ~ broadcaster

      • This reply was modified 5 years, 7 months ago by Mr. Austin.
      • #1996348

        Your request was for additional items, not a critique of your already tested strategies. The lack of response would suggest general agreement that your list stands well, as is.

        Was there an additional strategy that you had left off this list, which merits discussion?

        • #1996699

          Thanks for the reply, Anon. I continued to add to that list and it’s now two pages of 9-point type at 8 1/2″ x 11″ size.

          Human, who sports only naturally-occurring DNA ~ oneironaut ~ broadcaster

    • #1997652

      “Change your passwords every so often when sensitive data are involved behind your credentials.”

      I have disagreed with this notion for more than a decade and it seems the security ‘experts’ are finally coming around to my POV. Use a strong unique password and store it on an encrypted USB or use a password-protected password manager. I do not trust synced or cloud-based solutions. I would look carefully at USB port policies and consider disabling user-accessible ones; they are a very tempting security hole. Remember Stuxnet!
      If you are big enough to have a person in charge of IT, make sure ONLY that person has an Admin account and keep the execs to the same level as workers!

      🍻

      Just because you don't know where you are going doesn't mean any road will get you there.
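      Item 4 of the original list and the reply above both come down to the same rule: one randomly-generated password per account, never reused anywhere else. The script below is an added example, not code from the original post or from any password manager, showing the two pieces a utility has to get right: drawing passwords from the operating system’s CSPRNG (Python’s secrets module, never the random module) and auditing a vault for passwords shared between accounts. The vault format (a plain account-to-password mapping) and the sample entries are constructed for the demonstration.

```python
from __future__ import annotations

import math
import secrets
import string

# Character set for generated passwords: letters, digits and punctuation most sites accept.
ALPHABET = string.ascii_letters + string.digits + "!#$%&*+-=?@^_~"


def generate_password(length: int = 20) -> str:
    """Return a uniformly random password drawn from the OS CSPRNG via secrets.choice()."""
    if length < 12:
        raise ValueError("refusing to generate a password shorter than 12 characters")
    return "".join(secrets.choice(ALPHABET) for _ in range(length))


def entropy_bits(length: int, alphabet_size: int = len(ALPHABET)) -> float:
    """Entropy in bits of a uniformly random password: length * log2(alphabet size)."""
    return length * math.log2(alphabet_size)


def find_reused_passwords(vault: dict[str, str]) -> list[list[str]]:
    """Return groups of accounts that share a password (empty list means no reuse)."""
    by_password: dict[str, list[str]] = {}
    for account, password in vault.items():
        by_password.setdefault(password, []).append(account)
    return sorted(sorted(accounts) for accounts in by_password.values() if len(accounts) > 1)


def build_vault(accounts: list[str], length: int = 20) -> dict[str, str]:
    """Assign every account its own fresh password and verify none collided."""
    vault = {account: generate_password(length) for account in accounts}
    if find_reused_passwords(vault):  # astronomically unlikely at 20 characters, but cheap to check
        raise RuntimeError("generated passwords collided; regenerate")
    return vault


# Constructed sample vault (not real credentials) with one password reused across two accounts.
SAMPLE_VAULT = {
    "bank": "Winter2019!",
    "email": "Winter2019!",
    "payroll": "x9#Tq!mL2vR@pZ4wE7nK",
}


if __name__ == "__main__":
    print(f"reused in sample vault: {find_reused_passwords(SAMPLE_VAULT)}")
    print(f"entropy of a 20-char password: {entropy_bits(20):.1f} bits")
    fresh = build_vault(["bank", "email", "payroll"])
    print(f"fresh vault has {len(set(fresh.values()))} distinct passwords for {len(fresh)} accounts")
```

      The reuse audit is the part worth running against an exported copy of whatever vault you keep locally: it answers “is any password used twice?” without printing the passwords themselves, only the account names that share one.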
      • #1997682

        If you are big enough to have a person in charge of IT, make sure ONLY that person has an Admin account and keep the execs to the same level as workers!

        If you do this, keep a printed copy of those admin credentials under lock & key somewhere – lone admins have been known to have health issues (sometimes of a permanent nature) at the most inopportune times. (Top-level management has the key, of course.)
