What ways are there to securely connect different sites/branches?

I’m somewhat new to the field, but I have been tasked with coming up with the best way to connect remote customer sites to our two main offices. The data sent across from the customer to the main offices contains sensitive information and needs to be protected adequately.

From what I’ve gathered, VPN connections would be one of the traditional ways of doing this, but I’m not sure about what topology would fit best, mesh or hub-and-spoke. There are probably a lot of things you can do with cloud computing too, and if you guys have any ideas that would be great.

I’m sure there are several more ways of transferring data securely and I would appreciate every single bit of advice!