
Most eDiscovery workflows assume internet connectivity as a baseline. For a growing category of organizations, that assumption is a disqualifying security risk.
Federal agencies, defense contractors, law enforcement bodies, and organizations handling Controlled Unclassified Information (CUI), ITAR-regulated technical data, or classified national security materials cannot route legal data through standard cloud infrastructure. The regulatory framework is explicit. In December 2024, CISA issued Binding Operational Directive BOD 25-01, requiring federal civilian agencies to implement secure cloud configuration baselines and comply with SCuBA standards, with mandatory deadlines throughout 2025. That directive governs what cloud environments may be used, under what conditions, and with what controls, and it does not accommodate uncertified commercial platforms for sensitive federal legal work.
For these organizations, air-gapped eDiscovery is not a preference. It is a requirement.
The demand for air-gapped or network-isolated eDiscovery comes from several categories of organization operating under specific legal and security constraints.
Federal agencies and their legal teams. Government attorneys managing litigation, investigations, FOIA responses, and internal matters regularly handle data that cannot leave agency-controlled infrastructure. A growing number of federal agencies now require FedRAMP authorization before a cloud vendor can be considered for eDiscovery or litigation support work, as detailed in Reveal’s analysis of FedRAMP authorization for legal cloud vendors. Vendors without this credential are excluded from procurement conversations before they begin.
Defense contractors and ITAR-regulated organizations. Companies handling export-controlled technical data under ITAR or the Export Administration Regulations face strict limits on where that data can be processed and by whom. Routing ITAR-controlled materials through a standard cloud eDiscovery platform may itself constitute a violation if the data traverses foreign infrastructure or is accessible to non-US persons.
Law enforcement and criminal justice agencies. Organizations subject to the FBI’s Criminal Justice Information Services (CJIS) Security Policy must process criminal justice data in compliant environments with strict access controls, audit logging, and on-premises or government cloud hosting requirements.
Private sector organizations with heightened data sensitivity. Financial institutions under regulatory investigation, pharmaceutical companies in sensitive IP matters, and enterprises managing trade secret litigation increasingly use private cloud or on-premises deployments to satisfy data governance requirements and litigation hold obligations.
The right deployment model depends on the classification level of the data, the regulatory framework that governs it, and the organization’s existing infrastructure.
A fully on-premises eDiscovery deployment runs entirely within the organization’s own physical infrastructure, with no cloud components. Data never leaves the facility. This model is most appropriate for classified matters above the CUI level, situations where physical control of the environment is mandated, and organizations with existing secure data centers.
The tradeoffs are real: on-premises deployments require internal IT capacity for maintenance, upgrades, and scaling. As explored in Reveal’s analysis of on-premises eDiscovery software scaling gaps, organizations often underestimate resource requirements when matter volume spikes or when processing large, complex data sets under time pressure.
FedRAMP High authorization represents the highest tier of federal cloud security certification, cleared for systems where the loss or compromise of data would have a severe or catastrophic effect on agency operations. eDiscovery platforms with FedRAMP High authorization can process federal legal data in a compliant cloud environment without a full air gap. This model suits agencies that need operational flexibility while staying within a certified security boundary.
For real examples of how agencies use FedRAMP-authorized eDiscovery in practice, Reveal’s use case analysis details the workflows and compliance checkpoints involved.
A private cloud eDiscovery deployment runs on dedicated, single-tenant infrastructure, either hosted by the vendor in an isolated environment or in a government-contracted facility. It is not shared with other customers, and access is controlled by the organization. This suits teams that need scalability without multi-tenant risk, or where contractual requirements prohibit shared infrastructure.
Private deployment architectures are covered in detail in Reveal’s guide to private deployment eDiscovery options.
Some classified matters require processing within a physically controlled space: a sensitive compartmented information facility (SCIF), a contractor facility, or a courtroom. Portable eDiscovery appliances are self-contained units that operate without any network connection and can be transported to where the data resides.
This is the most restrictive and resource-intensive model, but the only viable option for certain categories of national security data.
Network-isolated eDiscovery introduces operational challenges that standard cloud workflows do not face.
Air-gapped eDiscovery is not an edge case. It is the operational reality for a significant and growing segment of the legal and compliance community, driven by federal security directives, export control law, and expanding data governance requirements.
As reported by Government Technology Insider, federal agencies continue to face significant challenges in finding eDiscovery solutions that meet both their security requirements and operational demands, with many still piecing together multiple point solutions to cover distinct matter types and classification levels.
The organizations best positioned to manage classified and highly sensitive matters are those that have mapped their deployment options to their data obligations, know which model applies to which matter type, and have a platform capable of operating across the full spectrum from standard cloud to full air gap.
If your organization is evaluating eDiscovery deployment options for classified, FedRAMP-scoped, or high-sensitivity matters, contact Reveal to discuss deployment architectures designed for environments where connectivity is a liability, not a given.