Virtru and Rocket.Chat Partner to Bring Real-Time Access Governance to Classified Collaboration

New integration makes classified channel membership a live reflection of identity, removing access automatically the moment entitlements change

WASHINGTON and WILMINGTON, Del., June 25, 2026 (GLOBE NEWSWIRE) -- Virtru, the leader in data-centric security, and Rocket.Chat, the secure communications platform for organizations with the highest security and compliance requirements, today announced a partnership that brings continuous, identity-driven access enforcement to classified collaboration. The integration pairs Rocket.Chat's native attribute-based access control (ABAC) with the Virtru Data Security Platform as an external decision layer. At every sync, Virtru’s Data Security Platform re-evaluates each member against the entitlements they currently hold in the organization's identity provider, so access reflects current policy instead of a grant set once at provisioning and left in place.

In classified programs and compartmented environments, channel membership is considered a security control. Yet, most collaboration tools grant access once and never re-evaluate it, so a lapsed clearance or program rotation can leave residual access in place for days or weeks — or until someone notices and files a ticket. Zero Trust, now mandated across federal and defense systems under NIST SP 800-207, requires access to be re-evaluated continuously against current policy. Unfortunately, the collaboration layer is usually the last place that Zero Trust security is enforced.

This integration closes that gap. Virtru serves as the decision authority, reading entitlements directly from the customer's identity provider and evaluating every access request against current attributes. Rocket.Chat enforces the decision at the channel level and logs the outcome.

Key capabilities of the joint solution include:

• Real-time access governance. Channel membership is re-evaluated against current entitlements at each sync, typically every few minutes rather than every few days. When personnel rotate or clearances change, channel access follows shortly thereafter, reducing risk and aligning with Zero Trust mandates.
• Fail-secure by default. Users without assigned entitlements cannot be added to rooms, and manual additions are checked against current policy before they complete, so room owners cannot bypass it. The system never fails open. This reduces the risk of both inadvertent and intentional insider threats.
• Identity-driven enforcement without lock-in. The Virtru Data Security Platform evaluates entitlements from any OIDC or OAuth2-compatible identity provider, including Okta, Microsoft Entra ID, Ping Identity, and ICAM, so organizations keep full control of their identity sovereignty.
• Mission-tempo operations. Joint Task Force stand-downs, PERSEC holds, and program rotations propagate from the identity provider to Virtru, prompting channels to dissolve immediately alongside the mission, without manual cleanup across multi-agency or multinational teams.
• Decision-level audit logs. Every access decision is recorded, along with the user, channel, attributes evaluated, decision, and timestamp. This gives inspectors general and Zero Trust assessors citable evidence.
  
  

“In a classified program, who is in a channel is a security decision, not a roster. This integration makes that decision continuous, so access reflects the policy in force now rather than the policy that applied when someone was first added,” said Gabriel Engel, CEO, Rocket.Chat.

“Security has to follow the data wherever the work happens. By pairing the Virtru Data Security Platform with Rocket.Chat, we’re giving defense and intelligence teams real-time, attribute-based control over their most sensitive channels, backed by a granular audit trail,” said John Ackerly, CEO and Co-Founder of Virtru. “The right security measures should never hinder mission success; they should fuel it.”

The integration supports NIST SP 800-162 for attribute-based access control and NIST SP 800-207 for Zero Trust. Both platforms deploy across NIPRNet, SIPRNet, and JWICS, and run on-premises, in customer cloud, or in fully air-gapped environments.

Defense agencies, intelligence community organizations, and federal system integrators can evaluate the integration in their own accredited environments. Teams interested in deploying real-time access governance can contact their Rocket.Chat or Virtru representative.

About Virtru

Virtru is pioneering the shift from network-centric to data-centric security, embedding protection directly into data so mission owners maintain control wherever sensitive information is shared. The Virtru Data Security Platform is built on OpenTDF, an open standard evolved from technology developed at the NSA by co-founder Will Ackerly, and supports ACP 240, the Five Eyes-ratified Zero Trust standard for secure coalition operations. Trusted by more than 6,000 public and private-sector organizations, including the U.S. Department of War, JPMorgan Chase, and Salesforce, Virtru enables secure collaboration across classification boundaries at mission speed, with integrations across leading defense, cloud, and cross-domain solution providers. For more information, visit www.virtru.com.

About Rocket.Chat

Rocket.Chat is the secure communications platform for organizations with the highest security and compliance requirements. Deployed across NIPRNet, SIPRNet, and JWICS, Rocket.Chat holds DoD Authorization to Operate at Impact Level 6 and is listed in the AWS Intelligence Community Marketplace. Defense agencies, intelligence community organizations, and allied partners rely on Rocket.Chat for mission-critical coordination across classification boundaries, with open architecture, sovereign deployment options, and the operational discipline that classified environments require. The platform is MIT-licensed with more than 1,000 contributors. For more information, visit www.rocket.chat.

Media Contacts

Legal Disclaimer:

EIN Presswire provides this news content "as is" without warranty of any kind. We do not accept any responsibility or liability for the accuracy, content, images, videos, licenses, completeness, legality, or reliability of the information contained in this article. If you have any complaints or copyright issues related to this article, kindly contact the author above.