Welcome
Security Overview
Take a dive into how we secure and process your data.
Unanet ProposalAI Security Documentation
Overview
Unanet ProposalAI represents a breakthrough in government contracting technology, offering a sophisticated web-based platform designed to streamline the proposal creation process. Our flagship product, Unanet ProposalAI, leverages artificial intelligence to transform how contractors respond to government solicitations including RFPs, RFQs, and RFIs. The platform combines secure cloud infrastructure with state-of-the-art AI capabilities to dramatically reduce the time and effort required for bid creation while maintaining the highest standards of security and compliance. By analyzing historical performance data and applying advanced machine learning techniques, Unanet ProposalAI helps contractors create more competitive proposals while maintaining complete control over their sensitive information.System Architecture
High-Level Overview
Unanet ProposalAI operates as a modern web application built on secure cloud infrastructure. The platform employs a sophisticated multi-tier architecture that separates concerns between presentation, processing, and data storage layers. This separation ensures both optimal performance and enhanced security, as each layer can be independently secured and scaled. When you begin working with Unanet ProposalAI, the process typically follows these stages:- Upload your past performance documentation through our secure channels
- AI models analyze and learn from your historical data
- Process new solicitations through our intelligent system
- Automatically generate draft responses while maintaining full control
Cloud Infrastructure
Our platform operates on enterprise-grade cloud infrastructure, implementing industry best practices for security and reliability. We maintain multiple environments to support different security requirements, each operating in isolation to ensure data separation and compliance with various security standards. Key infrastructure features include:- Geographic distribution for optimal performance
- Built-in redundancy and failover capabilities
- Dedicated virtual networks for security isolation
- Continuous security monitoring and threat detection
Data Management
Data Ingestion
The security of your data begins at the point of ingestion. We’ve developed multiple secure pathways for data upload that cater to different security requirements and operational preferences.Direct Upload via Frontend
Our primary upload system implements a secure client-side approach that prioritizes both security and user experience. When you upload files through our web interface, we employ multiple security measures:- Direct-to-storage transmission using encrypted channels
- Immediate encryption of all data in transit
- Comprehensive file validation and scanning
- Automated malware detection
- Support for large file transfers with integrity checking
Full-Service Upload via Box IL4
For organizations requiring additional security measures, we offer integration with Box Impact Level 4. This enterprise-grade solution provides enhanced security features particularly suited for government contractors handling sensitive information. The Box IL4 integration provides:- Seamless integration with existing Box workflows
- Comprehensive audit logging
- Automated synchronization
- Preservation of existing security controls
Data Storage
Our data storage architecture implements multiple layers of security controls to protect information throughout its lifecycle. All data, whether at rest or in transit, is protected by industry-standard encryption protocols.Database Security
All structured data is protected by comprehensive security measures:- Enterprise-grade encryption at rest
- Secure key management
- Regular security audits
- Automated backup systems with encryption
- Granular access controls
Document Storage
Documents and unstructured data are stored in secure cloud storage with:- Server-side encryption
- Version control capabilities
- Automated lifecycle management
- Comprehensive access logging
- Regular security assessments
Offline Capabilities
Our offline architecture balances security with functionality:- No persistent local storage
- Secure memory management
- Automated session cleanup
- Regular security validation
Security Controls
Authentication
We support multiple authentication methods to meet various security requirements while maintaining ease of use.Single Sign-On (SSO)
Our primary authentication method utilizes modern security standards:- Integration with major identity providers
- Secure token management
- Comprehensive audit logging
- Regular security assessments
Enterprise Authentication Options
For enterprise customers, we offer additional authentication methods:- OpenID Connect (OIDC) support
- SAML 2.0 integration where required
- Custom authentication solutions
- Enhanced security monitoring
Security Architecture
Our security architecture implements defense-in-depth principles:- Enterprise-grade firewalls
- Advanced threat detection
- Continuous security monitoring
- Regular penetration testing
Deployment Options
We offer flexible deployment options to meet various security requirements:Commercial Cloud
Our standard deployment provides:- Optimal performance and security
- Regular updates and monitoring
- Geographic distribution
- Comprehensive security controls
Enhanced Security Deployments
For customers with additional security requirements:- Support for CUI data handling
- ITAR compliance capabilities
- Custom security configurations
- Enhanced monitoring and auditing
Compliance and Certification
Security Assessment
We maintain comprehensive security programs and welcome customer assessments:- Support for vendor risk management processes
- Detailed security questionnaire responses
- Regular third-party assessments
- Continuous compliance monitoring