Security Best Practices

Basic Security Principles

Your Magic Link is the key to your system:

  • โœ… Store in a secure place: Password manager or encrypted notes
  • โœ… Donโ€™t share: Unless with absolutely trusted individuals
  • โœ… Regularly check login history: View recent login activity in Admin Panel
  • โŒ Donโ€™t screenshot and share: Screenshots may contain the complete Magic Link
  • โŒ Donโ€™t post in public places: Forums, GitHub, social media

2. AI Partner Permission Management

PartnerPermission LevelUsage Recommendations
RoseHost RootOnly use when system administration is needed
AdaContainer onlySuitable for external interactions, business processes
ViContainer onlySuitable for testing, queries, non-critical tasks

Why This Matters

Rose can:

  • Delete all data
  • Modify system settings
  • Access other containers

Recommendations:

  • Use Ada or Vi for daily conversations
  • Only use Rose when system operations are needed
  • When giving Rose commands, first confirm you understand the impact

Data Protection

Backup Strategy

Recommended backup frequency:
โ”œโ”€ Daily: Important business data
โ”œโ”€ Weekly: Full system backup
โ””โ”€ Monthly: Offline backup (download to local)

How to Backup

  1. Use Admin Panelโ€™s Export Data

    • Includes all container configurations and data
    • One-click download, simple operation

  2. Regularly download important files

    • Through Admin Panelโ€™s file management
    • Or use SFTP (if configured)

  3. Version control

    • Put important code configurations in GitHub/GitLab
    • Donโ€™t rely solely on a single copy on the VPS

Sensitive Data Handling

โŒ Donโ€™t let AI partners handle:

  • Credit card numbers
  • Bank account passwords
  • ID numbers (unless encrypted)
  • Customer personal privacy data

โœ… Can let AI partners handle:

  • Business process automation
  • Public data analysis and organization
  • General customer service inquiries
  • System maintenance commands

Connection Security

Use Strong Passwords

If you have configured SSH or other direct access:

  • Use passwords of at least 16 characters
  • Mix uppercase, lowercase, numbers, and symbols
  • Use password manager to generate and store
  • Enable SSH Key authentication (more secure than passwords)

Network Environment

  • โœ… Use trusted networks: Avoid public Wi-Fi when accessing Admin Panel
  • โœ… Check HTTPS: Ensure the address bar shows ๐Ÿ”’ lock icon
  • โœ… Regularly update browser: Keep latest security patches

Monitoring and Alerts

Regular Check Items

ItemFrequencyCheck Method
Login historyWeeklyAdmin Panel โ†’ System Logs
Resource usageDailyAdmin Panel System Bar
Backup statusWeeklyConfirm last backup time
Container updatesMonthlyCheck for new versions

Warning Signs

If you notice the following, there may be a security issue:

  • โš ๏ธ Unknown login records
  • โš ๏ธ Abnormal container resource spikes (possible mining malware)
  • โš ๏ธ Unfamiliar processes running
  • โš ๏ธ Files modified or deleted

When anomalies are detected:

  1. Immediately stop using the affected container
  2. Contact RealVco support
  3. Check recent backups
  4. Re-deploy if necessary

Advanced Security Recommendations

Enable Two-Factor Authentication (if available)

If RealVco supports it in the future:

  • Link phone number
  • Use Authenticator App
  • Hardware security keys

Network Segmentation

If business scale is larger:

  • Use dedicated network segments
  • Limit AI partner network access scope
  • Set stricter firewall rules

Log Auditing

Regularly review:

  • AI partner command execution logs
  • File access logs
  • Network connection logs

Emergency Response

If You Suspect Intrusion

  1. Immediately disconnect

    • Clear browser data
    • Donโ€™t click any suspicious links

  2. Contact support

    • Provide time and details of anomaly discovery
    • Support will assist with investigation and handling

  3. Check backups

    • Confirm recent clean backup
    • Prepare for restore (if needed)

  4. Re-deploy (last resort)

    • Will generate a new Magic Token
    • All old tokens immediately become invalid

Security is an Ongoing Process

There is no absolute security, only continuous vigilance. Develop good habits:

  • ๐Ÿ”„ Regular updates: Keep systems and tools up to date
  • ๐Ÿ“‹ Regular backups: Ensure data has redundancy
  • ๐Ÿ‘€ Stay vigilant: Watch for warning signs
  • ๐ŸŽ“ Continuous learning: Stay informed about latest security threats

Contact RealVco support team anytime when assistance is needed.