Unanet’s cloud-based solution has been in place since June 2002. Unanet provides the infrastructure to host the Unanet software for this “Software as a Service” offering. Unanet Cloud customers receive security, reliability, and high availability through the Unanet software and Unanet’s managed services. The Unanet software provides password encryption, privileges by role, encryption of data in transit (TLS/SSL), encryption of data at rest (database encryption), and backup encryption.
Unanet, using Amazon Web Services (AWS) and Microsoft Azure, provides its cloud customers with a reliable, high-quality network infrastructure to support a high-speed private network and Internet access service. This includes high network availability, firewalls, redundant Internet bandwidth, uninterruptible and extended power, physically secure facilities, and off-site backup. Unanet Cloud employs sophisticated monitoring to proactively identify issues.
Benefits of Unanet's cloud solution
The Unanet Cloud platform allows customers to support their information technology needs in a scalable way. Our Cloud platform is built on tried-and-true world-class cloud technologies.
Over 1,500 customers are enjoying the benefits of the solution:
- Incremental cost rather than up-front license fees
- Ability to increase system capacity more easily
- Higher availability and remote access
- Customers’ IT staff can focus on higher priority areas rather than just keeping systems operational
- Availability of sandboxes for testing system upgrades and product releases
- Ability to inherit multiple meaningful compliances
Business application hosting services
Unanet Cloud is protected by firewalls on all segment interconnects, ACL controlled least-privileged
access and encrypted data in rest and data in motion. Strict change control and patch testing is applied
to data storage management, message/email notification services, load balancing, Secure Socket
Layer (SSL) certification, and Domain Name Service (DNS). Automated monitoring is configured to
detect abnormalities in the system performance with 24/7 on-call support to remediate incidents.
- Unanet provides support for NIST 800-171 and 800-88 compliance and this is documented and supported through the SOC2 Plus audit report.
- Unanet has successfully completed a third-party CMMC Level 3 pre-assessment and is partnered with a cybersecurity and CMMCAB-approved RPO organization for ongoing compliance management and
- The AWS hosting environments provided for our GovCon customers’ instance of Unanet software (US East-West regions) have been granted a Joint Authorization Board Provisional Authority-To-Operate (JAB P-ATO) and multiple Agency Authorizations (A-ATO) for moderate impact level.
- Datacenters are SOC1 and SOC2 compliant and independently audited
- Access to client databases is password protected, and limited to authorized DBAs
- No additional personnel (including Unanet personnel) have login access to your hosted site
- Application passwords stored in Unanet are encrypted, thus no one (including System Administrators and DBAs) can access your Unanet application
- Each client’s data is contained in its own table space and schema with separate usernames and passwords
- Data is encrypted both in transit and at rest
- Security alarms throughout the building are monitored and responded to around the clock
- Uninterruptible power supply delivers clean, consistent power via multiple redundant UPS systems
- Emergency energy provided by backup generators ensuring a consistent power supply to the facility
- Operations center–24/7 monitoring of all Internet operations and environmental conditions.
- The datacenter entrance is staffed with professional security officers who have undergone rigorous training and background checks. These security officers routinely patrol the datacenter and monitor the videos of cameras inside the datacenter at all times.
- We rely on Microsoft and Amazon’s best-in-class security measures
- Unanet provides centralized and automated application data protection
- The automated data backups are stored in multiple secure, geographically separate datacenters
- All backups are encrypted
- Systems are kept up to date with current security patches
- Unanet and its cloud partners coordinate maintenance schedules and utilize formal change management procedures
- All equipment is maintained by certified engineers who are backed up by vendor support contracts
- Unanet Cloud offers 99% or greater system uptimes
- The platform architecture includes the use of redundant components to minimize the possibility of service interruption
- Each site is served by multiple web servers using redundant load balancers designed to distribute load across both servers
- The application servers for a given elevation are in separate availability zones
- Should one server require maintenance or otherwise become unavailable, all requests are shifted to the other server without interruption. Should both front-end servers experience issues, additional virtual environments can quickly be configured to service those customers.
- Access-control lists (ACLs) and firewalls protect database instances from unauthorized insider access
- All sites are operated with SSL encryption enabled
- Security groups are in place to monitor and control communications at the external boundary of the network and at key internal boundaries within the network
- ACLs, or traffic flow policies, are established on each managed interface, which manage and enforce the flow of traffic
- ACLs are configured using the principle of least privilege, where only those privileges which are essential to perform an intended function are granted
Security & best practices
Continuity of Operations (COOP) and disaster recovery services
Unanet has implemented a comprehensive COOP solution that addresses the cloud platform’s storage requirements, hardware redundancy, location independence, flexibility, and speed of recovery, which have been fully tested. We combine enterprise-class backup and restoration and multiple datacenter capabilities to ensure reliable service. This bundled offering enables Unanet to back up data for COOP purposes and restore to an alternate datacenter or a new AWS or Azure VPC. Unanet Cloud has an RPO as low as 15 minutes, meaning nearly 100% application and data availability.
Unanet’s backup procedure employs cloud-based, enterprise backup solutions to perform a primary full system backup and incremental backups daily. A complete copy of all backup data is replicated nightly to secondary site for continuous availability. In the event of a disaster or a need to recover servers, applications, or data, Unanet can restore directly from disk across the network from either backup storage location.
Our solution provides:
- Failover to COOP servers and storage systems from the backup copies of the production data, stored in multiple datacenter facilities
- Backup systems capable of storing Unanet’s current data and scaling up and down as necessary
- Daily backups of all systems, applications, and data
- Multiple storage groups and databases so that specific services can be restored without a full systemwide restore
The COOP plan Unanet has implemented includes:
- Servicing an estimated 200 customers per database server with two front-end servers
- Multiple geographically separated locations with primary infrastructure site and custom COOP to add fault tolerance/redundancy for databases
- Splitting the load across multiple availability zones, with the option to provision a new database server for recovery
Unanet Cloud Operations provides security, reliability, and availability with VPN access, firewall protection, router, and ACLs implemented via a series of written run books and using industry best practices. In addition, datacenter locations and cloud environments have closed-circuit monitors, alarm-triggered doors with secure card-key access, and “person-trap” restricted access to provide physical security to its datacenter. Datacenters are SOC2 compliant and independently audited. Unanet provides support for NIST 800-171 and 800-88 compliance and this is documented and supported through the SOC2 Plus audit report.
Together with our partners, Unanet provides a mature and low-risk operation that is based on industry best practices such as the Information Technology Infrastructure Library (ITIL) and is annually audited to prove we follow our written procedures. The Unanet cloud platform has successfully served customers since 2002.
Unanet’s product, agreements, and policies help organizations address best practices in privacy and specifically the EU General Data Protection Regulation (GDPR) compliance requirements. Unanet adheres to the EU-US Privacy Shield Framework and is included on the US Department of Commerce Department Privacy Shield List. For more information, see our Cloud Subscription License or request a copy of the Unanet Written Information Security Program description.