Virtru enables federal agencies to adopt a Zero Trust cybersecurity strategy. With Virtru, U.S. federal government agencies can demonstrate an actionable commitment to encrypt vital data at the object level, protecting sensitive information everywhere it’s shared.
Our SaaS products are authorized at the FedRAMP Moderate level, and we offer non-SaaS solutions for use within high-side contexts, including AWS C2S. Virtru technology is FIPS 140-compliant and provides granular, customizable protections that equip agencies with full control over and visibility into their data at all times, no matter where it travels.
For maximum security, we enable agencies to host their own keys, leveraging their preferred cloud or on-premise infrastructure. By hosting keys separately from data, agencies can strengthen Zero Trust posture and breach preparedness.
Our Trusted Data Format enables crypto-agility, so agencies can use the cryptographic algorithm of their choice and easily swap methods in the future. We equip agencies with the flexibility to evolve their cryptographic strategy at their own pace.
Ensure sensitive data can only be accessed by those with the right credentials and need to know. With Virtru, you can manage access control policies and enforcement, in conjunction with data tagging, for attribute-based access control (ABAC).
Virtru has partnered with the NATO Support and Procurement Agency (NSPA) and the NATO Communications and Information (NCI) Agency to provide technological, cyber defense solutions for NATO member states.
With Virtru, our agencies, coalition partners, and combatant commands can securely and rapidly share time-sensitive, mission critical information.
"Given growing market demand for Zero Trust Data Access (ZTDA) solutions and the clear opportunity for Virtru within the government market, we see great things on the horizon for Virtru. We are thrilled to partner with them on this journey and look forward to seeing what Virtru will deliver next to protect our nation and its data."
-Michael Chertoff, Secretary of the U.S. Department of Homeland Security from 2005 to 2009, Co-Founder and Executive Chairman of MC2 and The Chertoff Group
With our government email encryption and file protection solutions, federal agencies can equip their distributed teams to collaborate with confidence. With the ability to revoke access at any time, set expiration dates, watermark attachments, and disable forwarding, Virtru gives end users autonomy, security, and control over their data, everywhere it’s shared. Layer in Data Loss Prevention (DLP) rules as a safety net, plus encryption for SaaS applications such as SAP, for data protection across all workflows.
Whether relaying data from sensors in remote locations or embedded in medical equipment, Virtru’s Trusted Data Format (TDF) is flexible and versatile, protecting data on small devices and in low-bandwidth areas. With TDF, agencies can protect full-motion video, biometric data, and more.
For federal agencies, it’s critical to ensure sensitive data doesn’t fall into the wrong hands, and that it is only accessed by those with a need to know. Because many organizations have numerous levels of access rights, as well as numerous channels and products by which data is disseminated, data tagging and access management have become extremely complex. Powered by the Trusted Data Format (TDF), Virtru Secure File Collaboration simplifies secure data-sharing, automates encryption and access control, and streamlines federal data sharing workflows.
Break down data silos and equip mission and business owners to share data securely with external collaborators to unlock greater insights. In the same way that Virtru enables data owners to maintain full lifecycle control over their sensitive information and securely share it for approved analysis, we also empower analytic owners not only to maintain control of the analytic, but also to have a say in how the outputs of analysis are managed and tracked, adding a level of transparency and trust that offers the potential for faster outcomes while ensuring compliance with a wide array of security and privacy requirements, including those derived from FISMA, HIPAA, CJIS, ITAR, and others.
Discover how we holistically protect government data of all kinds, wherever it’s stored and shared, with granular controls for key management, data loss prevention, audit, and more. Click on the individual components for more detail.
Data-centric protection for email and files created at the endpoint, embedded in prominent productivity tools:
Virtru for Microsoft Outlook – Virtru’s email protection solution for messages and attachments as an add-on for the Outlook desktop application. Learn More →
Virtru for Gmail – Virtru’s email protection solution for messages and attachments sent from Gmail. Embedded in the native Gmail interface via a browser extension for seamless protection. Learn More →
Virtru for Google Drive – Virtru’s file protection solution for files stored in and shared via Google Drive. Seamlessly integrated into end users existing workflow via a browser extension. Learn More →
Customer-hosted, “hold-your-own” key management option that lets organizations host and manage encryption keys and supports integrations with hardware security modules (HSMs) for the highest levels of confidentiality and control. Learn More →
Server-level appliance that automatically applies Virtru’s data-centric protection and access controls to email and files shared by unprotected endpoints and applications (e.g. custom’ internal applications or enterprise SaaS applications) and allows integration with security scanning tools and other mailflow complexities.
Apps developed directly by customers using the Virtru SDKs via the Developer Hub. Examples include protecting data shared by IoT sensors / devices, robotic processes, secure file transfers, web forms submissions, and more. Learn More
Centralized administration panel that offers visibility of all protected data, access, and sharing activity, along with users and groups management, email content rule configuration for Data Loss Prevention, and other organization settings.
Support for export and integration of Virtru event logs, including all protection, access, control, and administrative activity, with SIEM tools and SOC operations for behavior monitoring, incident detection and remediation, forensic analysis, and compliance management.
Secure web-based browser application that enables seamless access to protected messages and files for external recipients and collaborators. Learn More →
Core component of Virtru’s SaaS-based key management infrastructure that lets organizations set, enforce, and manage policies to protect and control access to their data. The Virtru ACM hosts encryption keys, manages associated policies and entity attributes, and brokers authentication and authorization workflows using federated identities to mediate access to encryption keys and protected content.
Open standard for object-level encryption that binds encrypted data to policies and metadata to ensure only authorized users can access protected data. Learn More →
Virtru has a certified Authorization to Operate (ATO) at the moderate level under FedRAMP. As part of our FedRAMP compliance program, we adhere to the security controls defined in the NIST 800-53 and 800-171 publications to ensure the integrity of federal information systems.
Virtru’s security operations and processes are validated by third-party assessments for Service Organizations Control (SOC) 2 Type 2 Compliance. This attests that we can be trusted to safeguard sensitive customer data in the cloud.
Virtru's federal government contracting vehicles are managed in partnership with Carahsoft. You can view the full list on Carahsoft.com.
Mar 31, 2021- Mar 30, 2026
Dec 20, 2011- Dec 19, 2026
Aug 22, 2018- Aug 21, 2028
May 01, 2015- Apr 30, 2025
Get expert insights on how to address your data protection challenges and implement a Zero Trust architecture.