Lemme add to 9:
Use a VPN, SSL, or SSH ALWAYS. There is no reason to send sensitive data in plain text (even if the data itself is encrypted).
This ensures both confidentiality and integrity.
Great list though... My students will have to take a read!