Protecting the credentials used by your business is just as if not more important than those of your personal accounts. A compromised email account of a high level executive for example can result in everything from financial losses to trade secret loss. There are some basic steps that can make this harder that should be followed at a absolute minimum:
Almost everything is digital these days. As a result, there are going to be passwords for a multitude of services. The first step is to ensure that all users who have access to systems use strong passwords. Some systems can enforce this by policy. Some companies even go so far as to avoid services and banks that allow simple passwords.
Online systems and bank accounts also sometimes come with the option to enable two factor authentication. This has to benefits, first is that no system is accessible without the second form of authentication. The second is the notification when the system is accessed from any new browser or computer. Banks also come with their own dongles which generate custom codes based on the time. Whenever possible use those over single password systems.
Services like lastpass are used to store credentials etc, but more important they also have secure notes where things like account numbers, codes, pins etc can be stored. They are securely stored even on phones and computers and only decrypted when viewing. This prevents people from writing or storing such details on paper where it can be easily copied or stolen.