Is the whole amount public, or only for each client or customer? What I mean is, if I were a customer, I should of course know how much bitcoins you have that are assigned to me, but should I also know another customers amount of bitcoins. Maybe that information need not be public.
In which case, people can only speculate how many bitcoins you have in total, but not exactly. If that is true, then no one can ever be sure how much more bitcoins you control.
Kindly correct me if I am wrong. I do not know what business or service you are planning to do, so I do not know how it will operate.
For password security, you could try using a Yubikey or something similar (static mode maybe.) You will never remember the entire password and it can be destroyed convincingly to bad guys so they know they can't get anything from you. A backup should exist, and you can use the bank safety deposit box for that purpose.
Or you could design your own "panic room" not unlike the bank, or the storage unit. Like a large vault. It could be anywhere, it could be undetectable, it could be secret, no one knows where it is, etc.
Again, physical security.
If using remote computers through secure channels, you could always encrypt those systems. Backups get encrypted too.
Personally, I'd just have a laptop with my own mobile internet to do the transactions, and it never leaves my person, has tamper proof seals, and is auto-format/auto-wipe when I don't do something right. It will of course be encrypted so just wiping the keys (or the first and last megabyte) is more than enough to render it useless.
You could use a virtual machine or virtual OS that sits in an encrypted volume (such as TrueCrypt) but is only mounted manually, on a drive that has a wipe function in the startup folder that will wipe the same volume unless you stop it in time.
I actually made a small program to partially wipe a file on a drive. (I use TrueCrypt on Windows XP, you could use FAT32 instead of NTFS.) That way the file is gone if you don't boot it properly, and a single button short-cut or key combination will also do the same thing or do an instant shutdown, also keeping the data (and the private keys) safe.
If you are operating like something like a pawn shop or investing firm or bank like in nature or money changer, then you MUST have physical security, or at least a building that has double locks to give you enough time to push the panic button.
There are some things about your operation that should be kept secret from everyone else, like the nature of your self-destruct mechanism, your passwords, your yubikey, your fingerprints or other biometric security, and the location of your safe room.
If your business can not afford to hire even one armed security guard, then it is not something you should be doing. You'd have to weigh the cost-benefit analysis of this yourself.
Again, personally, I would do my own physical security, and acquire my own firearm (actually, I already have one) but that really depends on where you live and the laws of your country.
Businessmen in my country who are rich enough usually hire at least one bodyguard. There are very few who are completely unarmed, and only because no one else really knows what they're doing, and it's easy to keep some things secret around here.
I don't know what your business is, so I'm sorry if none of what I said can apply to you. I run a business that has several branches in several malls (it's an old fashioned business selling specialty items, unfortunately not for bitcoins) and I've learned how to protect myself from all but the most determined attackers.
Dabs, thanks for the input. Unfortunately, because of the type of business, every address I was holding coins in would be public, and people could then look at the blockchain to find the balances. The whole amount would be public, not by choice.
I bolded the part about body guards. I am curious if ANYONE dealing in Bitcoins has hired one for their Bitcoin business? I honestly cannot think of any of those companies making enough to impart some of the profits towards a bodyguard. Regardless, it is certainly not something I would be able to do. If physical protection like that is a requirement, then it's not a business I can start.
I do have my own firearms, and am not afraid to use them on any intruder.
And certainly, I agree that some of the measures of security should be obscured.