Topic: Security Methods for Bitcoin Service Providers. (Read 17085 times)
great thanks
Thanks for the tip
In addition to 'best computing practices' and network security I wanted to share a simple method that I will be using to securely store and safeguard my 'customers' Bitcoins.
As well as, the usual back-up of the wallet.dat, encryption, regular system patching / updates and having a good firewall etc, etc...
I realized that I don't need to 'store' the Bitcoins at the Bitcoin address that is (a) managing transactions (b) generating more Bitcoins and which, therefore, is 'online' 24/7 and 'open' to a potential attacker.
A 2nd 'offline' machine with Bitcoin installed can be used to store the Bitcoins and only ever be connected to the internet when a bulk transaction is required. This 2nd Bitcoin address is only know to the service provider. This is a very simple solution to provided an always-on 'front of house' with secured 'vault' banking. In the unlikely event that a 'hacker' manages to steal your wallet.dat there will be 'nothing' in it aside from the most recently generated Bitcoins. A somewhat paranoid approach, but I think all will agree, very effective for security and piece of mind.
This maybe obvious to some, but I thought I would share this anyway.
I also recently discovered and have started using the open source Untangle Gateway. http://www.untangle.com/
This is great for Windows and Linux users and quite frankly I don't know of a better, free, 'all-in-one' solution that offers 'business' grade security.
Anyone with any other ideas or solutions feel free to add them.
As well as, the usual back-up of the wallet.dat, encryption, regular system patching / updates and having a good firewall etc, etc...
I realized that I don't need to 'store' the Bitcoins at the Bitcoin address that is (a) managing transactions (b) generating more Bitcoins and which, therefore, is 'online' 24/7 and 'open' to a potential attacker.
A 2nd 'offline' machine with Bitcoin installed can be used to store the Bitcoins and only ever be connected to the internet when a bulk transaction is required. This 2nd Bitcoin address is only know to the service provider. This is a very simple solution to provided an always-on 'front of house' with secured 'vault' banking. In the unlikely event that a 'hacker' manages to steal your wallet.dat there will be 'nothing' in it aside from the most recently generated Bitcoins. A somewhat paranoid approach, but I think all will agree, very effective for security and piece of mind.
This maybe obvious to some, but I thought I would share this anyway.
I also recently discovered and have started using the open source Untangle Gateway. http://www.untangle.com/
This is great for Windows and Linux users and quite frankly I don't know of a better, free, 'all-in-one' solution that offers 'business' grade security.
Anyone with any other ideas or solutions feel free to add them.
Jump to: