Remote access to your system and firmware upgrades are ultimately up to YOU. Who knows what other distributor/manufacturers have embedded in their firmware.
Have at least two of every battery or AIO.
Keep copies of all firmware updates you download.
Keep copies of all software that you download.
Only update one device and run for some length of time to verify no issues before you upgrade the others.
Export/Save any configuration data for each device (particularly before a firmware update). If possible include the date/time in the save data filename.
Keep a written log of any modifications/updates/changes you make to your system so that you can backtrack if possible. This includes hardware, software, firmware and any wiring or additions/deletions you make.
Dongles are OK but operate without them. Connect only when you need technical support and they (the distributor/manufacturer) absolutely need direct access to your system. Many folks get caught up in the "remote access" or "remote monitoring" aspects of what the distributor/manufacturer sells and do not understand or comprehend the ramifications.
Dongles create remote access to your system. It is like opening your front door and leaving it open, the distributor/manufacturer now may have access to your entire network (along with illegal immigrants and bad actors). You opened the front door so what do your expect, you provided the dongle with the login credentials of you r WIFI/Firewall. Do you trust the remote (China) website your data is being sent to?
How many of you actually have a written log/notebook of your system?