Zhejiang Provincial SOE · Digital Office Transformation

Background

The client is a Zhejiang provincial SOE group with 6 subsidiaries and 1,200+ employees, operating in energy / infrastructure / public services. The group had accumulated a large volume of historical project documents, technical specifications, regulatory texts, and internal policies, but these were scattered across the 6 subsidiaries' file servers, email attachments, and personal USB drives. Finding one document required switching between 4 systems, asking 2 people, and waiting 30 minutes on average.

In early 2026, the group CIO launched the "Enterprise Knowledge Hub" project with strict requirements: (1) unified document management; (2) AI Q&A capability; (3) hard data security (data must not leave the internal network); (4) fine-grained permissions (different subsidiaries / departments / roles see different document scopes).

Challenges

  • Hard data security: as a provincial SOE involved in public services with sensitive historical project data, data must never leave the internal network; public-cloud RAG solutions were immediately rejected
  • 6 subsidiary data isolation: group HQ can see all subsidiary documents, but subsidiaries cannot see each other's; visibility from HQ to subsidiaries is configurable
  • Document-level permission granularity: the same document may need to be visible to different departments and roles in different time windows (e.g. HR files visible to HR pre-resignation, to the supervisor post-resignation, and to the audit team during the annual audit)
  • Missing document data governance: 80,000+ historical documents lacked unified tags / categories / classification labels, undermining AI Q&A quality
  • 4-6 week go-live window: POC → gray release → full launch within one quarter

Hongguan Solution

Hongguan delivered a three-piece on-premise stack: WPS 365 Enterprise + WPS AI Knowledge Base + Document Permission Governance. The core capability build spans three dimensions:

① Data Security (4 layers)

  • On-premise deployment: WPS 365 Enterprise + WPS AI knowledge base + vector database all deployed in the client's data center — zero data egress, works even offline
  • Transport encryption: all client ↔ server traffic over TLS 1.3
  • Storage encryption: documents and vector data encrypted with AES-256 at rest
  • Network isolation: knowledge base services in a dedicated VLAN, only essential ports open

② Permission Management (3-layer granularity)

  • Department-level: knowledge scoping by tier-1 / tier-2 departments; HQ vs subsidiary visibility isolation
  • Role-level: by business role (Finance / Legal / HR / Project Manager / GM); different roles within the same department see different documents
  • Document-level: each document independently tagged with classification labels (Public / Internal / Confidential / Highly Confidential), visibility scope, edit / download / forward permissions, watermark rules
  • Special scenarios: auto-disable account + batch-transfer document ownership on resignation; temporary project groups can request "temporary visibility" with auto-expiry
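
An added example, not Hongguan's or WPS's code: one way the department, role and document layers, plus expiring temporary visibility, could be enforced on retrieved chunks before they reach the AI answer step. How the layers combine, the field names, and the sample users, documents and grant are assumptions constructed for illustration.

```python
from dataclasses import dataclass
from datetime import datetime

LEVELS = ["Public", "Internal", "Confidential", "Highly Confidential"]  # labels named on the page

@dataclass(frozen=True)
class User:
    name: str
    org: str        # "HQ" or a subsidiary id (hypothetical naming)
    role: str
    clearance: str  # highest label the user may read (assumption)

@dataclass(frozen=True)
class Doc:
    org: str
    label: str
    roles: frozenset         # roles inside the document's visibility scope
    hq_visible: bool = True  # the configurable HQ -> subsidiary switch

@dataclass(frozen=True)
class Grant:                 # "temporary visibility" with auto-expiry
    user: str
    doc_id: str
    expires: datetime

def can_read(user, doc_id, doc, grants, now):
    # Classification ceiling is checked first and is never bypassed by a grant (assumption).
    if LEVELS.index(doc.label) > LEVELS.index(user.clearance):
        return False
    # A temporary grant counts only while unexpired; expiry is evaluated at query time.
    if any(g.user == user.name and g.doc_id == doc_id and now < g.expires for g in grants):
        return True
    # Organisation layer: own subsidiary, or HQ where HQ visibility is enabled.
    if not (user.org == doc.org or (user.org == "HQ" and doc.hq_visible)):
        return False
    return user.role in doc.roles  # role layer

def filter_chunks(user, chunks, docs, grants, now):
    """Drop retrieved chunks the user may not read; unknown doc ids fail closed."""
    return [c for c in chunks
            if c["doc_id"] in docs and can_read(user, c["doc_id"], docs[c["doc_id"]], grants, now)]

# Constructed sample data: four documents, one chunk per document plus one orphan id.
DOCS = {
    "d1": Doc("SUB-A", "Internal", frozenset({"PM"})),
    "d2": Doc("SUB-B", "Internal", frozenset({"PM"})),
    "d3": Doc("SUB-B", "Confidential", frozenset({"Legal"})),
    "d4": Doc("SUB-B", "Internal", frozenset({"Legal"}), hq_visible=False),
}
CHUNKS = [{"doc_id": d, "text": "..."} for d in ("d1", "d2", "d3", "d4", "d9")]
ALICE = User("alice", "SUB-A", "PM", "Internal")
BOB = User("bob", "HQ", "Legal", "Confidential")
GRANTS = [Grant("alice", "d2", datetime(2026, 3, 1))]

def visible_ids(user, now):
    return [c["doc_id"] for c in filter_chunks(user, CHUNKS, DOCS, GRANTS, now)]
```

Filtering after vector search but before prompt assembly means a chunk the user cannot read never influences the answer or its citation, and checking expiry at query time makes a lapsed temporary grant ineffective without any cleanup job.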

③ Document Data Governance (6 dimensions)

  • Classification & tagging: batch AI auto-tagging on 80,000+ historical documents + manual review on 3,000+; categorized by business line / project / doc type / classification
  • Version management: full revision history traceable, no more "final_v3_really_final_no_more_changes.docx"
  • Knowledge source approval: each document needs department owner approval before joining AI knowledge base
  • Scheduled archiving: auto-archive by department / project / time; cold storage after 3 years inactive
  • Sensitive word and compliance review: built-in 500+ SOE compliance keywords (classified / bidding / salary); auto-alert and block violations
  • Data lineage: every AI answer traces back to specific source document and paragraph — "every answer has a citation," no hallucinations

Implementation

  • Requirements research (1 week): interviewed 6 subsidiary IT heads + 4 business role types (Finance / Legal / HR / PM); output initial permission matrix
  • Deployment + integration (2 weeks): WPS 365 Enterprise + WPS AI knowledge base deployed on client infrastructure; integrated with AD domain, unified identity, email
  • Historical document migration (2 weeks): 80,000+ documents batch-migrated + AI auto-classification + 3,000+ manual review supplements
  • Gray release (1 week): pilot 200 users at group HQ for 1 week; collected feedback to refine permission rules
  • Full launch + training (ongoing): 1,200+ employees phased rollout; Hongguan technical team on-site for 2 weeks of usage training

Delivered Value

  • Zero data egress: passed MLPS 2.0 Level 3 assessment + group internal security audit
  • 60% improvement in document retrieval efficiency: average document find time from 30 min → 12 min; AI Q&A delivers direct answer + source document
  • Zero permission compliance incidents: no cross-department unauthorized access in 3 months since launch
  • 3× knowledge reuse rate: cross-subsidiary knowledge reuse went from "ask a person" to "ask AI"; new employee onboarding shortened by 40%
  • Closed-loop compliance audit: every document attribution, every access, every answer traceable; annual compliance audit materials ready in one pass

Client Testimonial

"Our data security requirement is zero compromise — Hongguan made the on-premise deployment bottom line clear from the very first meeting, and never pushed public-cloud solutions to close a sale. Three months after launch, group HQ plus 6 subsidiaries are all using it, permissions exactly match our specs, and AI answers trace back to specific document paragraphs. This is the 'trustworthy AI' we wanted."

— CIO, Zhejiang Provincial SOE Group

Your project can do this too

Whether you are an SOE, financial institution, or manufacturing group, Hongguan can deliver a similar WPS AI on-premise knowledge base using the same methodology.