Most of what others have said can be summed up as preparation - you have already identified the big risk lack of bandwidth and are looking to take steps to mitigate that.
As for tools. Use The Microsoft Deployment Tool Kit (MDT http://technet.microsoft.com/en-US/windows/dn475741.aspx ) to create a master image. The resulting image can be deployed from a bootable USB stick and can include core apps - the OS, Office, AV/AM, PDF, VLC, etc. and optional apps to be selected at deployment time on a per machine basis if required. The bigger the image the longer the copy takes but the faster the post copy install. So build a reference machine, install Office and other tools, connect it to the internet and install all updates, sysprep it, image it, slap it on a bootable USB, deploy it, boot it, tweak it, install other apps, finished.
NOTE: some 3rd part applications really hate being sysprepped - YMMV.
Drivers - make sure you take the latest versions of all drivers for the deployed hardware - video, network, disk, etc.
As for updates - there appear to be a number of tools that will pull (Microsoft) required updates down to a single computer for 'offline' install. You would then need a batch job to run on each computer to check on the 'puller' for updates - this would limit bandwidth use. Personally I think I would just trust to BITS to back off bandwidth usage when other traffic is present. (I thought there was a way to tell clients to get updates from another client -not a WSUS server - but can not find that now.)