A Perspective from Virtru's CMO on the Ever-Expanding Ecosystem of TDF Innovation
Today marks an important milestone in the evolution of data-centric security. Our colleagues at Kiteworks have announced their integration of Trusted Data Format (TDF) capabilities into their Private Data Network, as mentioned in a recent press release. As the Chief Marketing Officer of Virtru, the company whose co-founder and Chief Architect, Will Ackerly, invented TDF over 15 years ago, I want to extend our sincere congratulations to the Kiteworks team on this achievement.
In 2009, while working at the NSA, Will Ackerly did the hard work of digging the TDF trench that would fundamentally reshape how we think about data protection. This big idea — granular controls that travel with the data itself, at the object level, everywhere it moves — proved to be a wellspring of possibility. Over the following decade, TDF gained momentum, widespread adoption, and a global presence. Today, we're witnessing the emergence of a vast blue ocean, where organizations of all shapes and sizes are finally reconciling with the limitations of traditional perimeter-centric security architecture.
Kiteworks deserves kudos for beginning to understand this fundamental shift. As their Chief Product Officer, Yaron Galant, noted in their announcement, "The organization-level security perimeter has dissolved in modern operations.” This recognition — that security must be an inherent property of the data itself rather than dependent on network boundaries — represents a crucial awakening to the reality we at Virtru have been evangelizing for over a decade.
The Kiteworks team has come a long way in its journey. The implementation of OpenTDF, including the Key Access Service (KAS) and Policy Enforcement Point (PEP) as described in their materials, demonstrates a genuine effort to embrace standards-based digital rights management. They're learning to swim freestyle in these rapidly rising waters, and for that, they deserve recognition.
Their understanding that "protection doesn't travel with the data" in traditional models, and that TDF solves this by "embedding attribute-based access control policies directly within the data file itself," shows they're grasping the fundamental paradigm shift that's underway. This isn't just about adding another security layer; it's about reimagining security from the ground up, making it granular by default.
While we commend Kiteworks for taking these important first strokes, it's worth noting that mastering data-centric security is like learning to be a competitive swimmer. They've begun with freestyle, but the journey ahead will require mastering more sophisticated techniques: The backstroke of seamless user experience, the breaststroke of comprehensive policy orchestration, and the butterfly of advanced cryptographic controls for unstructured and structured data alike.
At Virtru, having invented TDF and spent the last 15 years as the world's leading commercial innovator on top of the TDF standard, we've already navigated these waters. True data-centric security goes beyond implementing standards. It means protecting sensitive data across a wide range of workflows, including email, files, apps, analytics, and agentic processes. It’s about creating native integrations that feel seamless, not bolted on, with policies that dynamically adapt to context while maintaining cryptographic enforcement.
Yes, Kiteworks and Virtru are competitors in some ways. But in the realm of data-centric security, we're also fellow travelers working to solve one of the most pressing challenges of our time: protecting sensitive information in an increasingly connected, perimeter-less world. Every organization that adopts TDF-based security validates the vision Will Ackerly had all those years ago when he first conceived of embedding control directly within data.
The fact that Kiteworks is now highlighting use cases spanning military operations, government agencies, and critical infrastructure — the very sectors where Virtru has been pioneering data-centric mission interoperability for years — shows that the market is catching up to where we've been leading.
As more vendors recognize that data-centric, granular-by-default security powered by TDF is the future, we welcome them to these waters. The blue ocean is vast enough for multiple players, and every new entrant validates the approach we pioneered.
To the Kiteworks team: Congratulations on beginning this journey. You've taken an important step by recognizing, as you put it, that security must transform "from a network boundary problem into a data-centric solution."
The future is data-centric. The future is granular. The future is TDF. And at Virtru, we're proud to have not just imagined this future, but to have been building it, refining it, and perfecting it since day one.