Virtru and Ohalo have announced an integrated solution designed to automate the discovery, classification, and encryption of sensitive unstructured data at scale. By connecting Ohalo Data X-Ray with the Virtru Data Security Platform, the partnership enables organizations to remediate unprotected files across shared drives, federal repositories, and hybrid-cloud environments through a single automated operation. This integration aims to bridge the gap between identifying sensitive data and enforcing persistent protection. For CIOs and security leaders, the solution addresses the "cold start" problem of legacy file backlogs by transforming static data inventories into continuous, automated protection workflows. This development is particularly relevant for federal agencies and regulated enterprises managing complex compliance requirements across air-gapped, on-premise, and hybrid-cloud environments.
Automated Discovery and Persistent Encryption Workflow
The integration establishes a seamless pipeline that moves from discovery to enforcement. Ohalo Data X-Ray performs the initial phase by scanning documents at hundreds of thousands of words per second. This process utilizes three distinct layers: natural language processing and machine learning for semantic precision, generative AI for document-level context, and custom business logic rules. This approach moves beyond simple keyword matching to understand the actual content of a file, automatically applying labels to replace manual, non-scalable processes.
Once classification is complete, the integration automatically converts sensitive files into the Trusted Data Format (TDF). This wraps each object in encryption and a granular access policy that remains attached to the data regardless of its location. Virtru enforces these persistent access controls, requiring both human and non-human entities to authenticate before decryption. This ensures that data owners maintain control and can revoke or update access at any time. For administrators, the solution includes a built-in dry run capability, allowing for the testing of encryption and decryption behavior before full deployment across the data estate. This automated loop ensures that as policies or sensitive terms change, Data X-Ray can re-crawl sources and re-encrypt files with updated attributes, maintaining a continuous security loop.
Compliance and Interoperability for Regulated Sectors
The Virtru and Ohalo solution is positioned to address specific regulatory challenges, including CMMC Level 2, NIST SP 800-171, and CUI protection requirements. It also supports organizations navigating HIPAA, GDPR, and the FTC Safeguards Rule. A core component of this capability is the Trusted Data Format (TDF), an open interoperability standard originally developed by Virtru Co-Founder Will Ackerly during his tenure at the National Security Agency. TDF has been adopted as a data protection standard for national defense and intelligence missions within the United States and allied partners.
Furthermore, the Zero Trust Data Format (ZTDF), derived from TDF, serves as an interoperable standard bridging the gap between the US Intelligence Community/Department of Defense and existing NATO STANAGs. This makes the integration highly relevant for coalition environments where interoperability is mission-critical. Technically, the integration connects via the Ohalo Data X-Ray admin console to the Virtru Data Security Platform. It supports S3-compatible or on-premise object storage and integrates with identity providers such as Okta, Microsoft Entra ID, and Ping Identity. The Virtru Data Security Platform is FedRAMP Moderate authorized and FIPS 140-2 validated.
Key Takeaways
- Ohalo Data X-Ray uses NLP, machine learning, and generative AI to classify documents at hundreds of thousands of words per second.
- The integration uses the Trusted Data Format (TDF) to wrap encrypted files in granular access policies that travel with the data.
- The solution supports compliance for CMMC Level 2, NIST SP 800-171, HIPAA, GDPR, and the FTC Safeguards Rule.
TechInsyte's Take
In our view, the Virtru and Ohalo partnership addresses a fundamental failure in modern data management: the disconnect between data visibility and data enforcement. Most enterprises struggle with "dark data"—sensitive information that is discovered but remains unprotected because the classification and encryption steps are disconnected or manual. By automating the transition from Ohalo’s semantic discovery to Virtru’s TDF-based encryption, this integration moves security from a reactive, perimeter-based model to a proactive, object-level model. This is particularly significant for highly regulated sectors, such as defense and finance, where the ability to maintain control over data as it moves through hybrid-cloud and coalition environments is a primary requirement. The use of ZTDF suggests a strategic move toward standardized, interoperable security that could become a benchmark for multi-national and multi-agency data exchange.
Source: GLOBE NEWSWIRE