Protection that travels with your data

Persistent strong encryption is the most effective form of data protection, preventing unauthorized users from accessing sensitive information no matter where files are located.

Unlike other forms of encryption, persistent encryption is applied to data itself, rather than to a storage location or transmission system. Information protected by persistent encryption remains secure throughout the entire data lifecycle, whether files are saved on servers, endpoint devices, removable storage, or in the cloud.

The basics of encryption

Encryption is commonly used to protect data during transmission, and to protect data stored in files and databases. While it can be implemented in many different ways, all forms of encryption involve converting usable data (plaintext) into an unreadable form (ciphertext), and providing a mechanism to reverse the process. Every encryption operation includes the following elements:

  • Plaintext is the original data prior to encryption. In addition to text (in messages, documents, or other formats), virtually any other type of data can be encrypted, including images, videos, and database records.

  • An encryption algorithm is a set of instructions for converting plaintext into ciphertext and back again.

  • An encryption key is a unique data string used by encryption software (together with an encryption algorithm) to create unique, unpredictable ciphertext from plaintext. In some encryption systems, the same key is used to encrypt and decrypt data, while in others, encryption and decryption operations use different—but mathematically related—keys.

  • Ciphertext is unreadable, unusable data created as the end result of encrypting a plaintext file, message, or database record.

The security provided by encryption depends on several factors, including the algorithm used, the length of the encryption keys, the unpredictability of the data used to create the keys, and the method used to exchange encryption keys.

Why persistence matters

One of the most important things to understand about encryption technology is when and where encryption and decryption happen. Some solutions encrypt data as it travels across a network, but leave it in the clear (unprotected) on either end of the transmission. Other approaches encrypt data while it's stored on a specific device, like a server or laptop, but leave data in the clear when it's copied or moved to another location.

Persistent encryption is applied to data itself, rather than to a network connection or device. This means that once a file is encrypted, it stays encrypted, no matter where it is stored, shared, or copied. Decryption only takes place when a user provides the correct decryption key to access the data.

PKWARE's automated technology finds, classifies, and protects data with persistent encryption in a single automated workflow. Once a data is protected with persistent encryption, only authorized users can open and access it. If files are synced to the cloud, moved to another server, sent via email, or copied to removable media, the files remain protected.

PKWARE's encryption software works on every enterprise operating platform, including laptops, desktops, file servers, mobile devices, midrange systems, and mainframes, and allows authorized users to access encrypted data on any device.

PKWARE Platform

Learn more about PKWARE's automated data security platform.

Learn More


PKWARE's persistent encryption keeps sensitive data safe even when it's sent to users outside the organization or saved in the cloud.
  • Prevents unauthorized access by insiders or outsiders
  • Eliminates security gaps
  • Eliminates the negative consequences of a security breach
  • Enables organization-wide control over sensitive data