Inter-agency data sharing security is the problem every federal data integration project runs into. Agencies are spending billions on platforms that can’t deliver because the technology requires a choice no security-conscious agency should have to make: share the data or protect it. Here is why that constraint exists — and the architecture that removes it.
The $90 Million Success Story That Reveals a Massive Problem
Kshemendra Paul knows what successful government data integration looks like. As the inaugural Chief Data Officer at the Department of Veterans Affairs, he deployed a common operating picture spanning over 1,000 datasets, 18,000 transformations, and 5,000 data pipelines. The result? $90 million saved in just six months through better acquisition decisions and expanded veteran services through personalized outreach.
But here’s what Paul’s recent commentary reveals: Even this massive success story represents a fundamentally compromised solution.
In his August 2025 analysis on federated data governance, Paul, who also chaired the Federal CDO Council’s Large Agency Committee, makes a startling admission. Despite billions invested in platforms like Palantir Foundry, Databricks, and other enterprise data integration tools, agencies still can’t achieve the collaborative analytics that would truly transform government operations.
Why? Because every single platform force agencies to choose between security and utility.
The Inter-Agency Data Sharing Security Problem No Platform Has Solved
Paul’s article diagnoses the problem with surgical precision. Government agencies are investing heavily in data integration technology while the real barriers remain “human, organizational, and cultural.” But what creates these cultural barriers? The rational fear that data sharing equals data exposure.
Current data integration platforms, every single one, share a fatal shortcoming: They require data to be decrypted for use. The moment data is accessed for the analytics, queries, and cross-boundary integration that make these billion-dollar investments worthwhile, it becomes clear text and vulnerable to compromise.
This creates an impossible dynamic:
- Technical teams build impressive integration capabilities
- Security teams recognize the exposure risks
- Mission leaders see the analytical potential
- Legal teams worry about compliance violations
- Data stewards get caught in the middle
The result? Expensive platforms that remain siloed, limited deployments that don’t scale, and billions in investment that can’t deliver transformational outcomes because agencies simply can’t easily share data.
Even Zero Trust Isn’t Enough
Paul correctly identifies Zero Trust architecture as essential, noting it assumes “hackers/predators/bad actors already inside your network.” But here’s the problem: Current data platforms can’t deliver true Zero Trust because they require decryption for data use. The broader question of how to share sensitive data securely, across agencies, vendors, and coalition partners, comes down to this same architectural gap.
Traditional Zero Trust focuses on network access, identity verification, and device security. As we covered in Perimeter Security Is Not Enough, the access layer was never designed to be the last line of defense. But the moment authorized users access data for legitimate analytical purposes, that data becomes clear text. Whether the threat is a compromised insider, a social engineering attack, or simple authorized access for unauthorized purposes, the outcome is the same: exposed data that can be extracted, sold, or ransomed.
This is why Paul’s article emphasizes the need for “appropriate transparency” and cultural change. When the technology itself creates security risks, organizations naturally develop cultures of data hoarding rather than sharing.
The Seshat Breakthrough: True Zero Trust for Data
Donoma Seshat changes everything by solving the fundamental technology constraint that makes data sharing inherently risky.
Unlike every other data integration platform, Seshat maintains continuous encryption throughout the entire data lifecycle: at rest, in transit, and crucially, while in use. This isn’t just incremental improvement; it’s a paradigm shift that makes previously impossible use cases suddenly feasible.
How Seshat Transforms Paul’s Framework
Paul’s article outlines the requirements for successful federated data governance:
- Interoperable Data Management
Seshat integrates seamlessly with existing database systems (Oracle, Elastic, SQL & more as well as unstructured data repositories) and works across the technology-agnostic architectures Paul advocates. Agencies can maintain their current infrastructure investments while adding the security layer that enables true collaboration.
- Trusted Policy Enforcement
With Seshat, policy compliance isn’t procedural, it’s technically guaranteed. Data remains encrypted even during authorized use, making policy violations physically impossible rather than organizationally discouraged.
- Semantic Interoperability
Paul mentions NIEMOpen as the leading semantic interoperability framework. Seshat could secure NIEMOpen implementations, enabling broader adoption across sensitive government domains that currently can’t participate due to security concerns.
Real-World Impact: What Becomes Possible
Paul’s success story at Veterans’ Affairs saved $90 million through better data integration within a single agency. Imagine the impact when that same analytical capability can work across agency boundaries without security compromise.
Potential Applications
- Cross-Agency Fraud Detection: Currently impossible due to privacy concerns, agencies could securely share patterns across datasets to identify systemic fraud without exposing individual records.
- Integrated Threat Intelligence: Defense and intelligence agencies could collaborate on threat analysis while maintaining classification levels and data sovereignty.
- Public Health Analytics: CDC, NIH, and state health departments could conduct secure epidemiological research on sensitive health data that’s currently too risky to share.
- Economic Policy Analysis: Treasury, Commerce, and Federal Reserve could conduct joint economic modeling on sensitive financial data without exposure risks.
- The Network Effect Opportunity
Paul’s influence through the Federal CDO Council creates a unique opportunity for rapid adoption. A successful implementation at one agency creates precedent and proof points for adoption across the federal government.
More importantly, Seshat enables the collaborative analytics that justify the billions already invested in data integration platforms. Rather than competing with existing investments, Seshat makes them work in high-security contexts.
The Competitive Reality
While agencies debate governance frameworks and cultural change initiatives, the technology constraint remains unchanged. Palantir, Databricks, Snowflake, and every other major platform still requires data decryption for use.
This creates a massive first-mover advantage for integrating Seshat. The first data integration platform that can guarantee continuous encryption will capture the market share that security concerns currently prevent others from accessing.
The Strategic Window Is Now
Paul’s article isn’t just commentary, it’s a roadmap being actively implemented across government. The Federal Data Strategy, NIEMOpen expansion, and AI/ML initiatives he references represent billions in current procurement activities.
The question isn’t whether agencies will invest in data integration. They already are. The question is whether those investments will deliver transformational outcomes or remain expensive, underutilized systems due to security constraints.
Why This Changes Everything
Kshemendra Paul’s $90 million VA success story proves the value of data integration. His latest analysis proves that current technology prevents scaling that success across agency boundaries.
Seshat eliminates the constraint. For the first time, agencies can pursue the collaborative analytics that transform government operations without accepting the security risks that make collaboration impossible.
This isn’t about building better data integration platforms. This is about enabling the platforms that already exist to work in contexts where security concerns currently prevent their use.
The government is invested. The frameworks are established. The leadership is committed. The only missing piece is the technology that makes secure data collaboration technically feasible rather than organizationally aspirational.
That technology is Seshat.
—–
Ready to enable true federated data governance and secure collaboration at scale? Schedule your solution briefing with us today.
Frequently Asked Questions
Why do government data integration projects fail despite massive investment?
The core failure is architectural, not organizational. Every major data integration platform requires data to decrypt for use. The moment data is accessed for analytics, queries, or cross-agency sharing, it exists as plain text. Security teams recognize the exposure risk and restrict access. Mission leaders see the analytical potential locked behind those restrictions. The result is expensive platforms that stay siloed and billions in investment that cannot deliver transformational outcomes because the data cannot safely move.
What is inter-agency data sharing security and why is it so difficult to achieve?
Inter-agency data sharing security means enabling multiple agencies to collaborate on shared datasets without either party exposing underlying sensitive data to the other. It is difficult because standard data platforms require decryption at the point of use. When Agency A shares data with Agency B for joint analysis, Agency B holds a decryptable copy. That creates compliance exposure, classification risk, and data sovereignty concerns that make genuine collaboration practically impossible under current architectures.
What is federated data governance and what technology does it require to work?
Federated data governance is a model where agencies maintain control over their own data while contributing to shared analytical capabilities across organizational boundaries. The frameworks exist. NIEMOpen provides semantic interoperability standards. Zero Trust provides the access control layer. What has been missing is the technology that keeps data encrypted while it is being used in joint operations. Without that capability, federated governance remains an organizational aspiration rather than a technical reality.
How does continuous encryption enable secure data collaboration across agencies?
Continuous encryption keeps data encrypted during active processing, not just at rest and in transit. This means two agencies can run joint analytics on a shared encrypted dataset without either agency’s analysts ever accessing the underlying plain-text data. Each party maintains sovereignty over its own information. Classification boundaries remain enforced across the operation. The analytical value is real. The security exposure is not.
Does continuous encryption work with existing government data platforms like Palantir or Databricks?
Yes. Continuous encryption integrates at the application layer without replacing existing infrastructure. Agencies can maintain their current platform investments while adding the encryption layer that enables those platforms to operate in high-security contexts where decryption exposure currently prevents their use. The goal is not to compete with existing investments but to make them work in environments where security concerns currently lock them out.
What is the Zero Trust data layer and why do current architectures miss it?
Zero Trust architecture has success addressing the pillars for network access, identity verification, and device security. Most do not address the data layer: what happens when an authorized user accesses data for a legitimate purpose. The moment that access occurs under standard encryption, the data decrypts. An authorized user with compromised credentials, or an insider with malicious intent, can access and extract plain-text data that Zero Trust identity controls cannot stop. Continuous encryption closes this gap by ensuring data remains encrypted even during authorized use.

