UNIFIRA Limited
Effective Date: [24/02/2026]
UNIFIRA Limited (“Unifira”, “we”, “us”, or “our”) designs and operates enterprise software platforms with security embedded at the architectural, operational, and integration levels. Security is not treated as an add-on capability, but as a foundational requirement of our ERP and cloud operations services.
This Security Overview describes how Unifira protects platform data, integration credentials, and customer environments when delivering UNICUS and AIOps Admin.
UNIFIRA Limited is registered at 30 Avenue Road, Sutton, England, SM2 6JB, United Kingdom.
Unifira provides enterprise ERP functionality through UNICUS and cloud cost monitoring, migration support, infrastructure analytics, and operational intelligence through AIOps Admin.
Our platform integrates with customer-controlled environments, including public cloud and private cloud systems, for the purpose of monitoring, cost analysis, and infrastructure visibility. We do not assume operational control of customer environments, and we do not execute infrastructure changes without customer authorization.
Security within the Unifira ecosystem is built around:
Unifira encrypts sensitive data in transit and at rest using industry-standard encryption mechanisms.
All customer integration credentials, including API keys, authentication tokens, and cloud access secrets, are encrypted at rest within protected storage systems. Credentials are never stored in plaintext.
Transport-level encryption is enforced for all data transmitted between customer environments and the Unifira platform. Secure HTTPS/TLS connections are used to protect data in motion.
Long-term API keys provided by customers are stored in encrypted form and access to those credentials is strictly restricted within the platform.
Where temporary access tokens are used, they are generated securely and limited in scope and duration. These temporary tokens are designed to minimize persistent credential exposure within operational workflows.
AIOps Admin operates under a controlled permission model defined by the customer.
Under the current service architecture:
If customers elect to expand integration scope in the future, such changes are governed by explicit authorization and updated configuration.
Customers retain the ability to rotate, revoke, or replace integration credentials at any time.
Unifira operates under a multi-tenant architecture with logical isolation between customer environments.
Each tenant environment is segregated to prevent cross-customer data visibility. Application-level and infrastructure-level access controls are enforced to ensure monitoring data, analytics outputs, and integration credentials remain confined to the respective customer account.
Customer data is not shared between tenants.
Unifira supports customer-controlled encryption models, including Bring Your Own Key (BYOK) configurations where applicable.
BYOK allows customers to maintain additional control over encryption keys associated with certain data processing workflows. Under this model, customers retain authority over key lifecycle management.
Unifira does not claim ownership of customer-managed encryption keys and does not override customer-defined key policies.
In certain deployments, Unifira provides an agent-based integration model.
Under this architecture, a lightweight agent operates within the customer-controlled environment. The agent processes monitoring and telemetry data locally and securely transmits authorized data to the Unifira platform.
This design provides additional security advantages:
The agent functions strictly within the permission boundaries defined by the customer.
Unifira services are hosted on secured infrastructure environments.
Production systems are segmented from development systems. Administrative access is restricted and controlled using role-based access principles. System access is granted based on operational necessity.
Monitoring and logging controls are implemented to detect unusual activity patterns and maintain service integrity.
AIOps Admin analyzes infrastructure usage, billing data, and performance indicators to provide cost optimization insights, migration planning intelligence, and resource monitoring.
Unifira provides analytics and visibility tools designed to help customers reduce cloud waste, improve efficiency, and optimize infrastructure allocation. However, infrastructure decisions remain under customer control.
Unifira does not independently modify customer cloud environments without authorization.
Security is a shared responsibility between Unifira and its customers.
Unifira is responsible for securing the Unifira platform, protecting stored credentials, enforcing encryption, and maintaining tenant isolation.
Customers remain responsible for:
Security-related inquiries may be directed to:
UNIFIRA Limited
30 Avenue Road
Sutton, England, SM2 6JB
United Kingdom
Email: info@unifira.com