You are here


Governance and Compliance

Leading enterprises and government agencies rely on Accellion to ensure maximum data security, control, and compliance for internal and external content collaboration.

kiteworks by Accellion is an enterprise class, private cloud secure content collaboration platform. kiteworks’ strong security controls and the industry’s broadest deployment options enable organizations to ensure the protection of sensitive information and intellectual property. With a modular multi-tier architecture, kiteworks also provides organizations with a highly scalable and flexible solution.

Private Cloud Deployments

  • Private Cloud (On-Premises) Private cloud on-premises deployments provide complete ownership of the encryption keys to ensure full control over the availability, integrity, and confidentiality of content sharing between internal and external users. Accellion offers an easy to install and manage on-premises solution for VMware and Hyper-V virtualized environments, enabling rapid enterprise-wide private cloud deployment.
  • Private Cloud (IaaS) Similar to the on-premises offering, but deployed on your Microsoft Azure or Amazon Web Services resources.
  • Private Cloud (Accellion-Hosted) Private cloud hosted deployment provides the flexibility and scalability of a managed service offering while ensuring high levels of security and control. With an Accellion private cloud hosted solution there is no co-mingling of application data, resulting in greatly reduced risk of data exposure and leakage.
  • Hybrid Cloud Enterprises with global deployments can seamlessly combine on-premises deployments for major offices with IaaS or hosted deployments for satellite offices to enable rapid scaling of their own IT infrastructure. Another alternative is to deploy most of your resources in IaaS or Accellion Hosting, while deploying the Enterprise Content Management (ECM) connectors on VMware or Hyper-V on the same on-premises network as the ECM systems. Accellion's hybrid cloud solution combines the control of the private cloud with the flexibility of hosted cloud solutions, and a wide variety of deployment architecture options.


  • eDiscovery Administrators can comply with legal requests to preserve and collect all relevant files and metadata, and set content retention policies to meet regulatory compliance requirements.
  • Data Loss Prevention kiteworks solutions integrate with data loss prevention (DLP) solutions via the ICAP protocol and supports leading DLP solutions, such as Symantec, WebSense, and RSA. All shared content can be monitored for sensitive content and quarantined or blocked in conformance with enterprise content policies.
  • User-Friendly DRM Files can be protected with additional controls, such as view-only roles, watermarking, and file withdrawal capabilities.

Data Security and Compliance 

  • Encryption All files are encrypted at-rest and in-motion with the highest levels of encryption. With kiteworks, organizations retain full ownership of the encryption keys and enterprises can ensure no unauthorized parties have access to their data.
  • Modular Multi-Tiered architecture Highly flexible architecture allows the web application and storage tiers to be separately deployed in the network for additional layers of protection.
  • Data Sovereignty Geographic policies can be enforced to restrict user content to storage physically located in specific countries to meet data residency requirements.
  • Full Auditing Every user action in the system is logged and audit reports can be easily created to provide full visibility and demonstration of compliance.
  • Secure Containers  All content stored in kiteworks mobile applications is protected with encryption and controls, such as remote wipe, whitelisting, watermarking and offline PIN, as well as an integrated Microsoft Office editor. Microsoft Office files in “restricted” folders can be edited in mobile applications or the web browser, but cannot be copied, downloaded to the desktop or opened in other applications.
  • FIPS 140-2 Validated kiteworks has received FIPS 140-2 Level 1 validation.
  • Compliance The kiteworks solution enables compliance with industry and government regulations, including SOX, HIPAA (with signed BAA), ITAR, SOC2, and PCI DSS Level 1. ISO27001, ANSSI, and CJIS. Accellion is an Authorized FedRAMP cloud service provider.
  • Accellion is proud to be a part of the Skyhigh Cloud Trust Program. As a Skyhigh Enterprise-Ready cloud services provider, we fully satisfy the most stringent requirements for data protection, identity verification, service security, business practices, and legal protection.

FedRAMP Logo - Accellion is an Authorized FedRAMP cloud service provider AICPA-SOC logo - SOC 2 audited for data security and compliance CSA logo - Corporate member of the Cloud Security Alliance to help ensure a secure cloud computing environment
FIPS 140-2 logo - FIPS 140-2 Level 1 validated for data security and compliance HIPAA logo - HIPAA with signed business associate agreement for data security and compliance PCI DSS logo - Payment Card Industry Data Security Standard Level 1 certified for data security and compliance