We use technology called Multi-Party Computation (MPC). With MPC, the corresponding private key shares are created and encrypted in isolated Secure Hardware Enclaves across multiple cloud centers. To sign transactions, the key shares are used to perform multiple rounds of computation all without ever being brought into the same environment. Because of this, MPC eliminates the single point of compromise of private key creation and signing.
This is then backed-up with a broad scope of insurance coverage for Technology, Cyber and Professional Liability provided by Fireblocks (our custody infrastructure partner) with a coverage of up to $30M of loss of funds in case it occurs with Fireblocks secure assets.