sss78 - Fotolia

Manage Learn to apply best practices and optimize your operations.

How to secure bitcoin: What are the best ways to keep it safe?

As bitcoin's value has steadily increased, so too have cyberattacks on cryptocurrency exchanges and wallets. Michael Cobb explains how to keep your bitcoin secure.

One of our employees asked me recently what the best way to secure bitcoin is. I had no idea. Do you have any advice on bitcoin security?

While there's no pressing need to rush into upgrading your payment system to accept bitcoins, it is worth monitoring its usage, particularly for a business with a big internet presence or one that sells digital products and services, such as online games or subscriptions.

Cryptocurrency is probably here to stay, and although some countries, such as China, have banned its use, many countries -- including the U.S. -- appear more relaxed about its existence. Some large organizations began accepting payment for products and services in bitcoins; however, recent fluctuations in the value of bitcoin led some companies, like Valve and Stripe, to drop support of the cryptocurrency.

Still, many companies continue to accept bitcoin and other forms of cryptocurrency. One benefit for merchants is that bitcoin transaction fees are typically lower than the 2% to 3% charged by credit card processors. A top benefit for customers paying with bitcoins is that they leave no data behind that can be used in identity theft.

How to secure bitcoin

In addition to financial benefits, there are several elements that secure bitcoin from theft. Cryptography controls the creation and transfer of a cryptocurrency, and the protocols underlying bitcoin have proven to be robust. Bitcoin's use of a distributed ledger known as blockchain gives owners a record of all their transactions that cannot be tampered with because there is no single point of failure.

However, this hasn't stopped attackers from exploiting vulnerabilities within bitcoin exchanges or wallets -- the software used for storing bitcoins on computers or smartphones. Bitcoin exchanges are not regulated by the government, and they generally do not provide enough insurance and security to be used to store money in the same way as a bank.

For example, the Mt. Gox and Flexcoin exchanges both shut down after hackers allegedly stole hundreds of thousands of bitcoins from them in separate attacks.

bitcoin currency

Not surprisingly, a study by Dell SecureWorks in 2014 showed that, as the value of a bitcoin rose, so did the number of viruses designed to steal bitcoins from wallets. That trend has continued this year; there have been several cyberattacks on exchanges and wallets as the price of bitcoin and other cryptocurrencies has skyrocketed in recent months. In addition, new threats like cryptomining malware attacks have also emerged.

Despite the increasing rate of cyberattacks, cryptocurrency wallets are still among the best ways to secure bitcoin. Ideally, wallet software should be installed on a bootable USB or a live CD to ensure that the operating system is virus free and doesn't cache, log or store wallet keys anywhere.

Users have to treat their software wallet the same way they would a real one, and best practice is to use two wallets, keeping only a small amount of bitcoins on a computer or mobile phone for everyday use, with the balance kept in a separate offline wallet. This safeguards the majority of a user's bitcoins from malware trying to intercept the password used to access a wallet or to find unencrypted wallet data in the device's RAM.

The offline wallet needs to be kept physically secure -- maybe even in a traditional bank vault -- as the loss or theft of a wallet means the permanent loss of the bitcoins it contains. A computer hard drive storing more than $4.6 million worth of bitcoins was thrown away and lost when the owner forgot it contained 7,500 bitcoins.

Offline or cold storage services are available, but note that they aren't regulated by the financial services industry. Additionally, if an offline wallet is encrypted, it is important to not forget the passphrase. Some experts prefer not to encrypt this type of wallet because, in the event of death, descendants would not be able to access their inheritance.

Keeping bitcoin secure

Regular backups of a bitcoin wallet are essential to protect against computer failure, theft and human error, but never store them online, especially if the backup is not encrypted. Finally, always use the latest version of bitcoin software, and use a password that is at least 16 characters long.

Although bitcoin is a purely digital currency, it can be kept secure in analog form. Paper wallets can be used to store bitcoins offline, which significantly decreases the chances of the cryptocurrency being stolen by hackers or computer viruses. Printing the contents of a wallet -- basically the private keys and their corresponding public keys -- creates a physical record which, of course, must be kept secure.

Keeping bitcoins secure is complex and time-consuming, but well worth the trouble for anyone with a reasonable amount of bitcoins. Bitcoin is more than a passing internet fad, and when dedicated hardware wallets appear on the market, they should provide a better balance between security and ease of use, possibly increasing the general acceptance and use of bitcoins and cryptocurrency for online transactions.

Ask the expert
Want to ask Michael Cobb a question about application security? Submit your questions now via email. (All questions are anonymous.)

This was last published in February 2018

Dig Deeper on Data security strategies and governance