Built for private, dedicated
OpenClaw deployments.
OpenClaw's own documentation warns against using it as a hostile multi-tenant boundary. We take that seriously — every customer gets a dedicated, isolated gateway.
Security guarantees
Dedicated gateway per customer
Every account runs a completely separate OpenClaw instance on isolated infrastructure. Your agents, memory, and configuration never share runtime with another customer. This is not a multi-tenant pool.
No shared agent pool
Shared AI infrastructure means your agent state, context, and operations could bleed across tenants. We avoid this entirely. One gateway. One customer. Full isolation.
API key handling
Your model provider API keys are stored encrypted at rest, per-customer. We never use your keys for billing, never resell your token capacity, and never access your keys outside of forwarding your requests to your providers.
Backups and recovery
Daily automated backups of your OpenClaw configuration, memory, and state. Point-in-time restore available on request. On cancel, we export your data — you are never locked in.
Safer deployment defaults
Out of the box: loopback-first networking, authentication enabled, port exposure minimised, no public admin dashboards. We follow OpenClaw's own VPS deployment guidance rather than convenient shortcuts.
Approval controls and operational boundaries
Team and Managed Plus plans include approval gates for sensitive agent actions. Required interrupts let you review before an agent takes irreversible steps. Audit logs record who approved what and when.
Access controls
Dashboard access is scoped per-user. SSO and SCIM provisioning available on Managed Plus. We don't expose the underlying VPS or OpenClaw admin interface to end users by default.
The OpenClaw trust model, plainly
OpenClaw is designed to operate within a trusted network boundary — it assumes the agents and callers on the network are trustworthy. It explicitly warns that it is not a hostile multi-tenant security boundary.
This means: running multiple unrelated customers on the same OpenClaw instance is architecturally unsound for isolation requirements. The right pattern — which we follow — is a dedicated gateway per customer.
If you're evaluating managed OpenClaw services, the single most important question is: is my gateway shared with other customers? Ours is not.
Questions about security?
We're happy to walk through our setup in detail. Contact us or start with the plan that fits your isolation requirements.