CCSS

The CryptoCurrency Security Standard

CryptoCurrency Security Standard (CCSS) helps to secure all information systems that make use of cryptocurrencies:

  • exchanges
  • web applications
  • cryptocurrency storage solutions

The C4 CCSS

CCSS was established by the CryptoCurrency Certification Consortium (C4) which establishes cryptocurrency standards that help ensure a balance of openness & privacy, security & usability, and trust & decentralisation. CCSS augments standard information security practices and is designed to complement existing information security standards (i.e. ISO 27001:2013) by introducing guidance for security best practices with respect to cryptocurrencies.

In a nutshell

CCSS is not designed to substitute or replace existing security standards; in fact, following the CCSS to the letter while ignoring standards like ISO 27001:2013 will likely lead to compromise.

CCSS covers a list of 10 security aspects of an information system that stores, transacts with, or accepts cryptocurrencies and should be considered as a separate set of recommendations that are applied overtop standard security practices. The minimum value of all 10 aspects determines an information system’s overall score within three (3) levels of increasing security:

  1. Level I – satisfies strong security, controls meets industry guidelines
  2. Level II – exceeds strong security, additional controls, redundancy
  3. Level III – exceeds enhanced levels of security, enforced formalised policies and procedures, advanced authentication, geographical distribution
The standard should be considered as a separate set of recommendations that are applied overtop standard security practices in other domains including business continuity, disaster recovery, network intrusion prevention, physical security, and vulnerability management.

Our services

We are working hard on our cryptocurrency security services, they are coming soon ..