1. Is there anything in addition to the above steps i can do to secure the network and computer?
You did not mention how you are going to secure your VPN. I would setup IPSEC 2 Phase Tunnel and being as smal as you are you could get away with a Pre-Shared Key.
2. Can i setup any web filters/content control? Suggestions for any free software or hardware component like a proxy that can do this functionality.
Sounds like you may want to setup a Linux Box running something like Squid to proxy your internet traffic.
Don't forget this does not protect the local computers. The computers connecting to the system may have Viruses before they connect. If you want to be absolutely secure then I would get a remote desktop program like VNC then you can have them remote control their computers from their home computers so that no data actually flows to the home computer or back.
You may want to get this any ways because it makes it easy to fix problems when you can remote into their computers. Yuo setup VNC to only accept connections from a static list of IPs so unless a hacker spoofs one of their IPs they can't get in and even if they did they need the Remote Password and the Domain Password.
3. Any suggestions for Free Email Filters? do i need one if all of us read email by logging into the email portal and read the email?
If you have some cash then MS Exchange is way easier.
4. How do i avoid phishing scams?
You don't. You can do like I do which is watch the Web for know phishing and send out email and block the IP on your firewall when you see them but otherwise you need an education program for your employees to teach them what to look for to identify phishing.
You look for URLs that are out side of the United States like any thing that end with country identifiers like .UK .CI and so on.
You also look for emails asking for personal information like...
Social Security Number
You should NEVER put this information in ANY email, even if it is legit, because email is sent across the internet clear text because any one can look at it.
Your best solution is to hire a consultant that will set all of this up for you.