A few simple steps to keep you secure.
Require 2-factor authentication for important accounts, like Gmail and GitHub.
Require hard drives to be encrypted. FileVault makes this easy on Macs.
Use DMARC to verify emails sent from your domain. dmarcian is one provider.
Use a team password manager like 1Password to share passwords.