First, we think hot wallets cannot be secure, as many sites like Mt.Gox were hacked in the past no matter how hard they tried to secure their sites. So, we do not use hot wallets. Instead, we store all your Bitcoins on an offline computer (cold storage) that cannot be accessed through the Internet, and the online wallet is only for monitoring purposes and cannot be used for withdrawals. The offline computer's hard disk and the wallet are both encrypted, so even if someone gets physical access to the offline computer, they still cannot access the wallet. Also, withdrawal requests are manually checked before they are processed.
Second, we believe transparency is very important. Therefore we adopted the proof of reserve audit approach described in this article. It generates verifiable audit results and has been adopted by a few big-name exchanges such as Bitstamp and Bitfinex. We take this idea one step further. Instead of relying on a third party to verify that we have more Bitcoins than users' total balance, we directly show how much Bitcoin we hold in reserve and how much the total user balance is, and we do this weekly instead of quarterly or yearly. This removes the need for a third party, which users may not trust, and also provides much better transparency to the users.
The following is a screenshot of the Audit interface.

Third, when we copy the double-checked unsigned transactions from the online computer to the offline computer for signing, we do not use USB drives, as the online computer may be infected with a virus (although this is unlikely, as both the offline and online computers are based on Linux; the offline computer has been dedicated to signing transactions ever since the Linux system was installed, so there shouldn't be any virus on it). We convert the unsigned transactions to a QR code and show it on the online computer's screen, and then we use the camera of the offline computer to scan it. After signing the transactions, we display the QR code on the offline computer and use the online computer's camera to scan the signed transactions and propagate them into the Bitcoin network.
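A sketch of how the offline side of such a QR transfer can treat the scanned text as untrusted input, as an added example that is not this site's own code. The `TX1|...` frame layout, the 800-character chunk size and the size cap are assumptions made for illustration, and the sample bytes are constructed.

```python
import hashlib
import re

MAX_TX_BYTES = 100_000   # assumed upper bound on an unsigned transaction
CHUNK = 800              # assumed hex characters carried per QR code
# Hypothetical frame layout: TX1|index|total|sha256-of-whole-payload|hex-chunk
FRAME = re.compile(r"TX1\|([0-9]{1,3})\|([0-9]{1,3})\|([0-9a-f]{64})\|([0-9a-f]{1,800})")

def to_frames(raw_tx: bytes) -> list[str]:
    """Online side: split the unsigned transaction into QR-sized text frames."""
    if not 0 < len(raw_tx) <= MAX_TX_BYTES:
        raise ValueError("payload size out of range")
    digest = hashlib.sha256(raw_tx).hexdigest()
    body = raw_tx.hex()
    parts = [body[i:i + CHUNK] for i in range(0, len(body), CHUNK)]
    return [f"TX1|{n}|{len(parts)}|{digest}|{p}" for n, p in enumerate(parts, 1)]

def from_frames(scanned: list[str]) -> bytes:
    """Offline side: accept only well-formed frames of a single transfer."""
    chunks, total, digest = {}, None, None
    for text in scanned:
        m = FRAME.fullmatch(text)          # anything but the exact layout is refused
        if m is None:
            raise ValueError("malformed frame")
        n, t, d, part = int(m[1]), int(m[2]), m[3], m[4]
        if total is None:
            total, digest = t, d
        if (t, d) != (total, digest) or not 1 <= n <= total:
            raise ValueError("frame does not belong to this transfer")
        if chunks.setdefault(n, part) != part:   # re-scans are fine, conflicts are not
            raise ValueError("conflicting duplicate frame")
    if total is None or len(chunks) != total:
        raise ValueError("missing frames")
    body = "".join(chunks[i] for i in range(1, total + 1))
    if len(body) % 2 or len(body) // 2 > MAX_TX_BYTES:
        raise ValueError("bad payload length")
    raw = bytes.fromhex(body)
    # The digest catches scan and reassembly errors; it does not authenticate the
    # sender, so the decoded transaction still has to be reviewed before signing.
    if hashlib.sha256(raw).hexdigest() != digest:
        raise ValueError("checksum mismatch")
    return raw

if __name__ == "__main__":
    sample = bytes(range(256)) * 5               # constructed stand-in, not a real transaction
    frames = to_frames(sample)
    assert from_frames(list(reversed(frames))) == sample   # scan order does not matter
    print(len(frames), "frames round-tripped")
```

The same framing works in the return direction for the signed transaction scanned by the online computer.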
Fourth, our system is deployed on an always up-to-date Linux operating system, and we follow the best practices of Linux server management. Our system is deliberately programmed in a secure fashion. Our databases are backed up every day, and all important information is logged and backed up as well.