Virtru has achieved Federal Risk and Authorization Management Program approval for its Data Security Platform.
Through the process, which was sponsored by the Centers for Disease Control and Prevention, the software received Authorization to Operate at the Moderate level, Virtru announced from its Washington, D.C. headquarters on Wednesday.
“Federal organizations are realizing the urgent need for data-centric security, embracing strategies that enhance rather than impede the mission by prioritizing control and secure access to data at a granular level first, while also protecting the systems and networks that store and transmit it,” said Virtru Co-Founder and Chief Technology Officer Will Ackerly.
He highlighted the Office of the Director of National Intelligence, which recently shared its goal of establishing a data-centric framework, as one of these organizations.
Virtru Data Security Platform, he said, provides public sector organizations with a foundation to “execute against advanced data-centric cybersecurity strategies.”
The system hosts a suite of data protection tools to help users scale data-centric security across sensitive data workflows. Since receiving its first FedRAMP ATO at the Moderate level in 2019, Virtru has diversified the platform’s set of capabilities to offer its users secure encryption, access controls and key management capabilities.
One expansion made to the system is the addition of the Virtru Secure Share encrypted file-sharing tool, which enables organizations to send and receive sensitive data securely while allowing data owners the option to remove access at any time.
Ackerly said that as a sponsor, the CDC used Virtru’s Data Security Platform to handle sensitive data at rest and in motion.
“Virtru’s FedRAMP Moderate ATO could not have come at a more critical time for our nation, and we look forward to our continued technology deployments for our federal customers,” he said.
Along with meeting FedRAMP standards, Virtru applications comply with FIPS 140-2, an encryption security requirement for cryptographic modules used by both agencies and contractors.
