I'm with Flying Fox on this one.
If you actually want to secure the data properly with a technical solution, that's gonna be expensive for a tiny shop like that, there are too many problems and too many workarounds unless you have serious infrastructure and technical know how. Since you cant realistically do it with tech unless you want to shell out a good portion of money, and most of what you can easily implement can probably be googled around, as mac-filtering, etc, it's a soft problem, with soft solutions.
That is, policy and acceptance from the employees. I.e. taking proprietary information from the systems, should be grounds for dismissal and damages. Eithery they sign it or they dont work there if the client is really anal about it. But keeping people that needs access to the data in their work, not being able to access it and carry it home in some format or another next to impossible. Printed documents, mobile takes a photo of the screen. USB Memories, personal devices, just comitting the information to memory, etc.
Keeping outsiders from getting it, is more easily realised. As is keepign employees that should'nt be able to access the data. The data resides on a servers, the easiest would be to set rights on file system on who can access it. But trying to limit it on a network basis, is probably doomed to fail as far as employees go if they need access for work. This does not account for collusion or an employee helping another employee to access it though.