00 Who we are

About IRONKEEP.

Federal contractors need CMMC compliance to win work. The tools that deliver it are priced for enterprises, and the ones a small team can actually afford were never built to handle regulated data.

Focus Small defense contractors
Built for Teams of 5 to 5,000
Hosting United States only
Status In FedRAMP 20x assessment
01 Our mission

What we are building.

IRONKEEP builds compliant productivity tools for the companies that big vendors ignore. Mail, files, docs, and chat. Encrypted, auditable, and priced for teams of 5 to 5,000.

Compliance should be the easy part.
02 Our team

We have built this before.

We previously built a NIST 800-171-compliant secure computing environment at a major cloud provider: compliant email, file storage, and isolated infrastructure for US citizens only.

Plenty of compliance software founders have read the NIST controls. We implemented them at scale, for the cloud provider that the defense contractor ecosystem runs on. IRONKEEP is that knowledge made accessible to the 118,000+ contractors who need it but don't have a 200-person IT department.

$B+ in government contracts supported by the system we built
10 yrs inside a DoD intelligence agency
10 yrs building enterprise-scale compliance infrastructure
03 How we protect your data

Designed to produce evidence.

Our security architecture is built to produce audit evidence. Every claim on this page maps to a technical control you can verify.

01

Three layers of encryption

Storage, application-level envelope, and client-side encryption, each protecting against a different threat scenario.

02

Per-tenant key isolation

Every tenant gets its own master key. One tenant's keys cannot decrypt another tenant's data.

03

Zero operator access

Platform operators can run the infrastructure but cannot read your mail, contacts, calendar, or files.

04

US-only data residency

All customer data is hosted in the United States, administered exclusively by US citizens.

Read the full security overview →