Defense-in-Depth Security

Security Through Physical Isolation

Every user runs on their own dedicated virtual server with hardened OS, managed firewall, and containerized isolation. Your data persists on encrypted enterprise-grade storage. Zero shared resources. Zero kernel-level access between users.

The Security Flow

Every request follows this secure path

User Request

Encrypted message from your device

Identity Gateway

Zero-trust authentication

Provisioning

Dedicated server allocation

Secure Runtime

Isolated environment creation

Task Execution

AI processing in isolation

Persistent Storage

Encrypted data retention

Four Layers of Protection

Defense in depth. Every layer adds another barrier between threats and your data.

Infrastructure Isolation

Single-tenant virtual servers with isolated kernel, dedicated compute resources, and independent IP addressing. No hypervisor sharing with other customers.

Dedicated vCPUsIsolated memoryIndependent kernel

Network Defense

Managed firewall with default-deny posture. Key-based authentication, token-secured application gateway, and automated threat detection.

Default-deny policyKey-based authThreat detection

Runtime Isolation

Containerized application security with non-privileged execution, filesystem restrictions, resource quotas, and network namespace isolation.

Non-root executionResource limitsNetwork isolation

Data Protection

Enterprise-grade NVMe storage with AES-256 encryption at rest. Automated backups, user-controlled data lifecycle, and geographic redundancy options.

AES-256 encryptionAutomated backupsGeographic redundancy

Secure Access Methods

Choose how you interact with your OpenClaw instance. Web UI for everyone, SSH for power users.

Web UI

All Plans

Browser-based dashboard available on all plans. Manage your agents, configure settings, and monitor activity through an intuitive interface.

SSH / Terminal Access

Pro & Power

Direct server access via SSH for advanced users who need full control over their OpenClaw environment and underlying system.

Compliance & Certifications

We meet the highest standards so you don't have to worry.

Single-Tenant Architecture

Dedicated resources with no shared hypervisor

Verified

GDPR Ready

Full data protection compliance for EU customers

Compliant

Encrypted Data at Rest

AES-256 encryption for all stored data

Verified

CCPA

California Consumer Privacy Act compliant

Compliant

“We built ShipTasks with a simple principle: your infrastructure is yours alone. Single-tenant architecture means complete isolation from other users. Your data, your resources, your dedicated environment.”

— Security Team, ShipTasks