SecurityBrief UK - Technology news for CISOs & cybersecurity decision-makers

Kiteworks brings TDF controls to secure data beyond perimeters

Fri, 21st Nov 2025

Kiteworks has integrated Trusted Data Format (TDF) capabilities into its Private Data Network, adding digital rights management features that embed granular access controls directly within sensitive data files. This enhancement is designed to address the challenge of maintaining control over sensitive information that moves across organisational boundaries, systems, and locations, particularly for military, intelligence, government, and critical infrastructure sectors.

Control outside perimeter

Organisations frequently encounter difficulties when handling data that must leave their secure environments. Traditional security measures cannot enforce policies once data exits the originating system, posing risks to sensitive operations such as military deployments, inter-agency government communications, and critical infrastructure management. Security and regulatory compliance can be compromised if control over data cannot be maintained end-to-end.

The new capabilities enable security protections to persist with the data itself, not just within organisational boundaries. Kiteworks uses OpenTDF standards to embed attribute-based access control (ABAC) directly into each data file. This ensures that access permissions (based on roles, affiliations, security clearance, or geography) remain enforced regardless of where the file travels or which systems handle it.

Standards-based protection

OpenTDF serves as the foundation for the new digital rights management, with persistent encryption securing each file throughout its lifecycle. Senders can define access policies specifying who can open, read, or share data, based on a combination of user attributes. For example, an intelligence document marked as Top Secret can be limited strictly to personnel with the correct clearance level, only within specified geographic regions, and within defined timeframes.

The interoperability of OpenTDF means data protected by these methods can transit between agencies, departments, and remote locations without requiring identical infrastructure on each end. The embedded access controls are always enforced, independent of the underlying systems or network connectivity.

Access validation and compliance

The Kiteworks implementation features the OpenTDF Key Access Service (KAS) and Policy Enforcement Point (PEP). These mechanisms validate the identity and permissions of each recipient before granting access to data. Comprehensive audit logs record every attempt to access protected files, supporting compliance obligations for CMMC, FedRAMP, FISMA, HIPAA, and other regulations.
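The kind of attribute check a key access service applies before releasing a file key, shown as an added example that is not Kiteworks or OpenTDF code: a simplified model of the Top Secret policy described above (clearance, region, time window) that writes an audit record for every attempt. All class names, attribute labels and sample values are constructed for illustration.

```python
from dataclasses import dataclass
from datetime import datetime, timezone

# Constructed clearance ordering for this example; not OpenTDF's attribute format.
CLEARANCE = {"UNCLASSIFIED": 0, "SECRET": 1, "TOP_SECRET": 2}

@dataclass(frozen=True)
class Policy:                       # bound to the encrypted file by the sender
    min_clearance: str
    regions: frozenset
    not_before: datetime
    not_after: datetime

@dataclass(frozen=True)
class Entity:                       # attributes asserted for the requester
    subject: str
    clearance: str
    region: str

audit_log = []                      # every attempt is recorded, allowed or denied

def request_key(policy, entity, file_key, now):
    """Release file_key only if every policy condition holds; otherwise None."""
    failed = []
    # Unknown clearance labels rank below everything, so they fail closed.
    if CLEARANCE.get(entity.clearance, -1) < CLEARANCE[policy.min_clearance]:
        failed.append("clearance")
    if entity.region not in policy.regions:
        failed.append("region")
    if not (policy.not_before <= now <= policy.not_after):
        failed.append("time_window")
    decision = "deny" if failed else "allow"
    audit_log.append({"time": now.isoformat(), "subject": entity.subject,
                      "decision": decision, "failed": failed})
    return file_key if decision == "allow" else None

# Constructed sample policy, key and clock.
UTC = timezone.utc
POLICY = Policy("TOP_SECRET", frozenset({"GB", "US"}),
                datetime(2025, 11, 1, tzinfo=UTC), datetime(2025, 12, 1, tzinfo=UTC))
KEY = b"constructed-file-key"
NOW = datetime(2025, 11, 21, 12, 0, tzinfo=UTC)

if __name__ == "__main__":
    print(request_key(POLICY, Entity("analyst@example.org", "TOP_SECRET", "GB"), KEY, NOW))
    print(request_key(POLICY, Entity("contractor@example.org", "SECRET", "FR"), KEY, NOW))
    print(audit_log)
```

Because the key is released per request, a denied or expired requester holds only ciphertext, and the audit log captures the failed conditions for each denial.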

Users interact with TDF-protected data via the standard Kiteworks interface, which is designed to avoid disruption to existing workflows while maintaining stringent security. Existing customers can utilise the new features alongside existing FedRAMP High Ready and compliance capabilities.

Sector-specific requirements

The integration targets five sectors with heightened data security requirements. Military users transmit intelligence and operational data between deployed sites and command structures, maintaining control regardless of network fragmentation. Government departments can share sensitive data across branches or partner organisations with consistent access controls and compliance monitoring.

Critical infrastructure operators transfer sensor and IoT data from geographically remote locations, such as utilities and telecommunications sites, directly to authorised personnel for analysis. In healthcare, organisations move medical records and research data across institutional boundaries, enforcing HIPAA compliance and auditability. The financial sector can securely share transaction data and compliance records with external stakeholders, maintaining granular review and tracking.

Perimeter shift

"The organisation-level security perimeter has dissolved in modern operations. Military units operate across theatres with different network infrastructures. Government agencies collaborate across organisational boundaries. Critical infrastructure spans remote locations with varying connectivity. The old model of protecting data at the organisation's perimeter simply doesn't work when fragmented data must cross these boundaries to support mission objectives. Kiteworks TDF fundamentally changes the equation by making security an inherent property of the data itself. Access policies travel with every file. Encryption persists across every system boundary. Compliance validation occurs at every access attempt. Organisations finally have the certainty that their most sensitive data remains protected and controlled regardless of where it travels. Transforming data security from a network boundary problem into a data-centric solution," said Yaron Galant, Chief Product Officer, Kiteworks.