(Summary of an article by Gerhard Lindenmayer)
1. Layered Approach
2. Encrypt, Encrypt, Encrypt
3. Security Policy Enforcement
4. Strong Password Protection
5. Antivirus
6. Employee Data Removal
7. Internet Access Restrictions
8. Regularly Scheduled Patches
9. Firewalls and Intrusion
10. Regular Penetration Tests
(See the full article for an explanation of these concepts.)