Logo

Security & Trust

TechnoMile is committed to maintaining our clients’ trust, keeping your data safe, and supporting your compliance with federal cybersecurity mandates. 

TechnoMile Support for FedRAMP and CMMC

Solutions Built for Compliance with Federal Cybersecurity Mandates

TechnoMile is an Independent Software Vendor (ISV) that builds and deploys cloud applications for the unique needs of government contractors, both on our proprietary TechnoMile GovCloud Platform as well as on top of either Salesforce or Microsoft Dynamics 365. TechnoMile’s integrated, AI-enabled Growth and Contracts Suites provide a comprehensive solution for managing the entire government contracting lifecycle while delivering end-to-end support for compliance with federal cybersecurity mandates, such as the Federal Risk and Authorization Management Program (FedRAMP) and Cybersecurity Maturity Model Certification (CMMC). Learn more below.   

The TechnoMile GovCloud Platform: Validated FedRAMP-Level Security

A variety of TechnoMile’s domain-specific products and services – including our ElevateAI Service, Transform Copilot, GovSearchAI, and GovSearch NoticesIQ – are built on the TechnoMile GovCloud Platform. The TechnoMile GovCloud Platform is hosted in a FedRAMP Authorized AWS environment and is protected by TechnoMile following NIST 800-53 Rev. 5 controls.

The TechnoMile GovCloud Platform has attained FedRAMP Moderate Equivalency with a 3PAO-validated Body of Evidence. This designation demonstrates that the TechnoMile GovCloud Platform is equipped to handle Controlled Unclassified Information (CUI) and satisfies the stringent security requirements of the Federal Risk and Authorization Management Program (FedRAMP). This designation also positions TechnoMile to support customers in meeting Cybersecurity Maturity Model Certification (CMMC) Level 2 standards. Prospective and current customers can verify TechnoMile’s FedRAMP Moderate Equivalency by requesting and reviewing the Body of Evidence and 3PAO assessment.

fedramp moderate high

TechnoMile CRM and CLM Applications: Deployment in FedRAMP Authorized Environments

TechnoMile also builds and deploys natively-developed cloud applications that run on top of either Salesforce or Microsoft Dynamics 365 – including TechnoMile Growth CRM, TechnoMile WinIt CRM, TechnoMile Contract Lifecycle Management (CLM), TechnoMile Agreement Management, and TechnoMile Pre-Award Management. Both Salesforce and Microsoft are Cloud Service Providers (CSPs) that offer SaaS/PaaS environments that maintain a broad range of compliance certifications, including FedRAMP and NIST 800-171. As an ISV, TechnoMile deploys our applications into the appropriate CSP environment based on each client’s preferred platform (Salesforce or Microsoft), required FedRAMP impact level (Moderate or High), CMMC objectives, and any other information security considerations. The client’s TechnoMile application inherits the security controls and policies of the CSP environment into which it is deployed and TechnoMile can provide best practices for configuration of the environment to support each client’s FedRAMP and CMMC compliance objectives.

TechnoMile is an ISV that is:

These certifications require that TechnoMile’s natively-developed applications undergo routine independent assessments of our security controls by Salesforce and Microsoft and that we remediate any identified vulnerabilities

CSP Compliance Certifications

Both Salesforce and Microsoft maintain a comprehensive range of compliance certifications and attestations for their cloud environments, which are inherited by TechnoMile solutions upon their deployment into the client’s preferred CSP environment:

  • ISO 27001

  • ISO 27017  

  • ISO 27018  

  • SOC 1 Type II (SSAE 18 Report)  

  • SOC 2 Type II (Trust Principles Report)  

  • PCI-DSS  

  • TRUSTe Certified Privacy Seal  

  • FedRAMP (NIST 800-53)  

  • NIST 800-171 

  • PrivacyMark from the JIPDEC  

For more details regarding Salesforce certifications, visit this site. For more details regarding Microsoft certifications, visit this site.  

compliance certifications
Commitment to Information Security

Security Policies & Procedures

TechnoMile is committed to maintaining our clients’ trust and keeping data secured. We maintain a written Information Security Program that is overseen by our Chief Information Officer and outlines the administrative, technical, and physical safeguards that we employ to protect our systems and ensure data security, integrity, and availability.

  • .01

    TechnoMile maintains a SOC 2 Type II attestation – a copy of the report may be obtained under NDA through TechnoMile’s Trust Center 

  • .02

    TechnoMile maintains an Information Security Program based on SOC 2 that aligns to NIST 800-171 security controls

  • .03

    TechnoMile performs internal and third-party penetration testing on production infrastructure

  • .04

    TechnoMile deploys our TechnoMile Platform and Services into FedRAMP-authorized cloud environments based on data types and compliance requirements

  • .05

    TechnoMile maintains formal IT security policies and procedures that:

    • Guide our collection, storage, and maintenance of personally identifiable information (PII) to protect PII from unauthorized disclosure 

    • Protect the physical and logical integrity of our IT resources by establishing standards for network security, protection against malicious software programs, connecting devices to the network, remote access, event monitoring, etc. 

    • Outline standards – such as user authorization/access requests, password policies, anti-virus software use, application of software updates, vulnerability management, encryption of storage devices, etc. – to appropriately secure IT systems, network resources, and applications 

    • Require all TechnoMile employees to participate in annual information security awareness training

  • .06

    TechnoMile Utilizes a secure Microsoft 365 cloud environment that complies with a broad range of legal and regulatory standards to manage its infrastructure and data, leveraging the Microsoft 365 compliance center, as well as Microsoft 365 intelligent security solutions for identity and access management, threat protection, information protection, and security management  

  • .07

    Partners with top-tier cloud services provider, Amazon Web Services (AWS), to host our TechnoMile Platform and Services in an environment that includes physical and logical protections and delivers robust performance and reliability:

    • Dual Next-Generation Firewalls from Cisco in high-availability routing  

    • Multiple layers of network security controls, including policy-based-routing (PBR), Web Application Firewall (WAF), and Intrusion-Detection/Intrusion-Prevention Systems (IDS/IPS) 

    • Advanced asymmetric encryption for protection of in-transit data from end-to-end 

    • At-rest data encryption of personally identifiable information (PII) to achieve a high level of data protection   

    • Real-time, continuous security monitoring 

    • State-of-the-art hosting facilities with availability zones to support automatic fail-over, environmental protections like fully redundant power systems, temperature/climate control, and protection against fire and water damage, as well as N+1 core applications 

    • Use of standardized, proven server configurations underpinned by optimized hardware results in predictable, stable performance 

    • Predictive high-availability and hot spare hardware delivers improved availability