Good security guide. I will definitely try some of points.
Another poor man’s option is to set up an operating system dedicated for trading in a virtual environment (e.g. ‘virtualbox + Debian Linux’ is free). The virtualbox offers disk encryption option so that even if one loses its computer, the trading OS is encrypted. The Virtualbox allows one to import and export the OS, which is a channel for regular full OS backup.
The firewall settings inside the Virtualbox OS plus the virtualbox network settings could be an extra depth of defense if not the equivalence of a physical firewall device. Combined with an VPN inside the virtualbox OS, the network traffic shall be protected.
Anti-virus and Anti Malware is naturally a separate topic in the whole picture: Virtualbox solution (or any other hardware solutions) can not resist ‘keystroke recorders’.