If you are really serious about security, the first step is to avoid Windows. It is very, very weak and has a pile of vulnerabilities.
I had people "invading" my Windows OS and planting/modifying shortcuts without my consent. All I had to do was to connect to the internet for that to happen.
Now, I use a Linux-based operating system where no one can modify a thing as easily. Downloading external programs can be completely avoided if I wanted; on Windows they can be executed as soon as the download has finished (imagine if you authorized the download by accident).
There are no safe or idiot-proof tips when you are using Windows. Then I won't waste my time giving you tips.
But if you use a Linux-based operating system (Debian, Ubuntu, Mint) then all you should care about probably is:
1. Avoid downloading programs from external sites; if you do, make sure it is from a trusted source.
2. Do not install countless extensions in your browser (install only what is absolutely necessary and if they're trusted), do not install modified browsers unless you know what you are doing.
3. Do not install a remote desktop client; if you do, make sure your password is strong enough and shut down the server when it is not needed.
4. Use a decent password for both your root and user account, preferably different. Disable/Uninstall SSH server if it is not needed.
5. Do not install or run any command someone told you on a forum, chat, or whatever unless you are sure those commands are not evil.
6. Backup your wallet regularly, use a password manager to make accounts with random and strong passwords and backup often and when needed. Do not repeat passwords across sites.
7. Keep both local and online backups of critical files, make sure your backups are encrypted so only you can access them in case they are stolen. You never know when a natural disaster will occur and wipe your house.
8. Avoid doing things via smartphone.
By following those simple rules I believe you are pretty safe and can sleep well at night.
I never lost a single penny to outside attacks using a Linux-based operating system and by following the simple rules above.
Yes. *nix or *nux is best for it.
But not all are running some Debian/Ubuntu - not even in a desktop mode!
(don't use S.U.s.E. - all I have to say about this...)
Anyways.
Run a multi-signature wallet - even the easy Electrum wallet can do it with the portable version!
You will always need n+1 keys (however many you want), but don't forget - if the rule is 2/3 then you need 2 of those keys or you can never open your own wallet again.
Best would be to use a hardware wallet (cold wallet) with verification on button press or touchpad for the big money.
And use a small wallet for collecting bitcoin (and transferring it to the big wallet) and load up the small wallet (Electrum for example) on Windows only with what you want to spend.
And maybe try MultiBitHD - I was not fine with it on Windows but it has additional security features against some other wallets.