|Let me start with this. Any company computer on the internet is subject to data theft.|
The second part is easier.
1. Use wires.
2. Setup a good firewall. consider a pix or other device to limit any and all non-business data.
3. Use best practices on all systems to limit virus, malware, non-business applications.
"Best Practices", Event viewer, host file, perfmon, antivirus, anti-spyware, Live CD's, backups, are in my top 10