Safety and Security
Passwords: Train your users on using safe passwords. Prefer password storage tools over easy to remember and guess passwords. Some password settings can be adapted to force stronger password or expiration time for example.
Backups: If you host the software yourself make sure there is a backup mechanism that works from A-Z. Try restoring backups on a regular base.
Restricting html input: It is possible to restrict what users can enter into text fields. By default new projects will refuse to accept anything which might potentially dangerous. As only your team can enter data there is low risk that dangerous data is entered in the first place. Therefore it is possible to disable that function or extend the allowed input.