Yes, I would say that your setup is relatively secure. (remember to keep the encryption key/password used secure, don't name it too obviously, and more off-site backups too)
However, have you looked in multi-sig for your cold wallet needs?
Thanks John. Do you think uploading a backup of the .wallet file to google drive is okay? I know about multi-sig but how exactly would I use it. Would I make two wallets myself and sign off both transactions when needed?
But I thought the whole point of doing a live ubuntu boot was that you have a fresh OS free from all the nasty stuff?
Yes, that's true. The other benefit is that nothing is persistent, so whenever you are done, just remove the CD or USB drive that holds the live image and you are good, but the bigger advantage of using a live image is hiding your tracks. Think Tails OS.
Thanks for the reply. Actually the usb live boot is persistent to 500mb (I hope I'm saying this right). I had to because in order to keep the armory client on the usb and not deleting everytime I had to make it persistent.
I would certainly rename and use multiple encryption systems before daring to upload it online - one of my personal favorites when I acted as an escrow is double-encrypting using Truecrypt and GPG, thus ensuring both a password and a GPG key is required before even the wallet file is revealed.
As for the multi-signature system, you would generate 3 keypairs for example, and keep them stored at different locations with different backup techniques. This is more of a long term back up technique, as ideally you would change the address (and the associated keypairs) when you use the wallet for the first time.