Security Best Practices
Basic Principles
1. Protect Your Magic Link
Your Magic Link is the key to your system:
- Store it safely — password manager or encrypted note
- Do not share — unless absolutely trusted
- Review sign-in history — the Admin Panel shows recent activity
- Do not screenshot to share — screenshots may capture the full link
- Do not post publicly — forums, GitHub, social media
2. AI Companion Permission Hygiene
| Companion | Permission | Recommendation |
|---|---|---|
| Rose | Host root | Use only when system admin is required |
| Ada | Container | Customer-facing work and business flows |
| Vi | Container | Testing, queries, non-critical tasks |
Why This Matters
Rose can:
- Delete any data
- Modify system settings
- Reach across containers
Recommendation:
- Default daily chat to Ada or Vi
- Use Rose only when you need system-level actions
- When instructing Rose, confirm you understand the impact first
Data Protection
Backup Strategy
Suggested cadence:
├─ Daily: critical business data
├─ Weekly: full system snapshot
└─ Monthly: offline backup (download locally)
How to Back Up
- Use the Admin Panel’s Export Data
  - Includes each container’s configuration and data
  - One-click download
- Regularly download important files
  - Through the Admin Panel’s file browser
  - Or SFTP (if configured)
- Version control
  - Put important code and configuration in GitHub / GitLab
  - Don’t rely on a single copy on the VPS
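An added example, not part of the original page or realvco's tooling: a pre-publish check that ties together two rules above (never post the Magic Link publicly; keep code and configuration in GitHub / GitLab) by scanning a directory for any long, token-like part of your link before you push. The link layout, the `MAGIC_LINK` environment variable name and the 16-character threshold are assumptions.

```python
import os
import sys
from urllib.parse import urlsplit, parse_qsl

MIN_SECRET_LEN = 16  # assumed threshold: shorter URL parts are not treated as secrets


def secret_parts(magic_link):
    """Return the long, token-like pieces of a link: path segments, query values, fragment."""
    url = urlsplit(magic_link)
    candidates = [seg for seg in url.path.split("/") if seg]
    candidates += [value for _, value in parse_qsl(url.query)]
    candidates += [value for _, value in parse_qsl(url.fragment)]
    if url.fragment:
        candidates.append(url.fragment)
    return sorted({c for c in candidates if len(c) >= MIN_SECRET_LEN})


def scan_tree(root, secrets, skip_dirs=(".git",)):
    """Walk root and return (path, line_number) for each line that contains a secret part."""
    needles = [s.encode() for s in secrets]
    hits = []
    for dirpath, dirnames, filenames in os.walk(root):
        dirnames[:] = [d for d in dirnames if d not in skip_dirs]
        for name in sorted(filenames):
            path = os.path.join(dirpath, name)
            try:
                with open(path, "rb") as fh:
                    for lineno, line in enumerate(fh, 1):
                        if any(n in line for n in needles):
                            hits.append((path, lineno))
            except OSError:
                continue  # unreadable file: skip it rather than abort the scan
    return hits


if __name__ == "__main__":
    # MAGIC_LINK is a hypothetical variable name; reading the link from the
    # environment keeps it out of command-line arguments and shell history.
    parts = secret_parts(os.environ.get("MAGIC_LINK", ""))
    if not parts:
        sys.exit("MAGIC_LINK is unset or has no token-like part")
    found = scan_tree(sys.argv[1] if len(sys.argv) > 1 else ".", parts)
    for path, lineno in found:
        print(f"{path}:{lineno}: contains part of the Magic Link")
    sys.exit(1 if found else 0)
```

The script exits non-zero when it finds a match, so it can run as a Git pre-commit hook or as a manual check before pushing.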
Handling Sensitive Data
Do not let the AI handle:
- Credit card numbers
- Banking credentials
- Government IDs (unless encrypted)
- Customers’ private personal data
AI can safely handle:
- Business process automation
- Analyzing publicly available data
- General customer inquiries
- System maintenance commands
Connection Security
Strong Passwords
If you have SSH or other direct access:
- At least 16 characters
- Mix case, digits, symbols
- Generated and stored in a password manager
- Enable SSH key auth (stronger than passwords)
Network Environment
- Use a trusted network — avoid public Wi-Fi for the Admin Panel
- Verify HTTPS — confirm the browser lock icon
- Keep your browser current — stay on the latest security patches
Monitoring and Alerts
Regular Checks
| Item | Frequency | Where |
|---|---|---|
| Sign-in history | Weekly | Admin Panel → System Logs |
| Resource usage | Daily | Admin Panel System Bar |
| Backup status | Weekly | Verify the last backup |
| Container updates | Monthly | Check for new versions |
Warning Signs
The following may indicate a compromise:
- Sign-ins from unfamiliar locations
- Unusual resource spikes in a container (possible miner)
- Unknown processes running
- Files modified or deleted unexpectedly
If you detect an anomaly:
- Stop using the affected container immediately
- Contact realvco support
- Review the most recent backup
- Redeploy if necessary
Advanced Recommendations
Enable Two-Factor Authentication (When Available)
If realvco supports it in the future:
- Phone number binding
- Authenticator app
- Hardware security key
Network Segmentation
For larger operations:
- Dedicated network segments
- Restrict AI companion network access
- Tighter firewall rules
Audit Logging
Periodic review:
- Commands the AI executed
- File access events
- Outbound connection logs
Emergency Response
Suspected Compromise
- Disconnect immediately
  - Clear browser data
  - Don’t click any suspicious links
- Contact support
  - Share the time and details of the anomaly
  - Support will help investigate and remediate
- Check backups
  - Verify you have a recent clean backup
  - Prepare for restore if needed
- Redeploy (last resort)
  - Issues a fresh Magic Token
  - All old tokens are invalidated
Security Is a Practice
There is no perfect security — only continuous vigilance. Healthy habits:
- Update regularly — keep systems and tools current
- Back up regularly — avoid single points of failure
- Stay alert — watch for anomalies
- Keep learning — know the current threats
If you need help, reach out to the realvco support team any time.