This is just one step in what ought to be a much larger intrusion detection and prevention plan.
If you don't start by taking security concerns into consideration in everything that you do, then you likely will leave a vulnerability somewhere.
A few additional things that you ought to consider are:
- The use of one or more properly configured firewalls (This can block RPC access from the internet)
- The use of cold wallets for storage, with limited funds in any hot wallets (This can reduce the amount of damage RPC commands can accomplish if your other security efforts fail)
- Restricting (through networking controls and other configurations) the hot wallet to being accessible ONLY from the 1 computer that you plan to use for generating outgoing transactions (This can block RPC access from internal systems and employees that aren't authorized to access the hot wallet)
- Sanity checks on outgoing transactions, using alerts and automatic shutdowns in case of unreasonable transactions (This can prevent loss of funds if an attacker gains access to other internal systems)
- Redundant verification and monitoring of all systems (This can alert you to the fact that someone may have gained access to internal systems before they get a chance to issue an RPC command)
- Timely application of security updates to your operating systems, firewalls, and all installed software. (This can prevent a user from exploiting a new security vulnerability to gain RPC access to your hot wallet)
- Limiting access to the minimum amount of access needed for any individual to perform their job (This can prevent unauthorized employees from accessing the hot wallet)
This is just the tip of an iceberg of security best practices and intrusion prevention.
If you are managing sums of bitcoin on behalf of others, and the value of that bitcoin is more than you would be able and willing to refund out of your own wealth, then in my opinion anyone involved in the operation of the business is criminally negligent if the business did not hire a well qualified technology security expert to be involved in all aspects of system development and maintenance.
In my opinion, any one involved in the development of such a user based system that does NOT hire a well qualified technology security expert AND loses user funds that they can not, or will not, refund deserves a significant (decades) amount of jail time.