Find and protect sensitive data where it's most vulnerable

Unstructured data—information contained in documents, spreadhseets, images, and other files, rather than stored in a database—accounts for 80% of a typical organization's data. Much of this data resides on user devices like laptops, mobile phones, and tablets, where it's exposed to physical theft, unauthorized sharing, and dozens of other cyber threats on a daily basis.

Typical approaches to endpoint security have focused on protecting devices, rather than the data stored on them, from unauthorized access. These strategies fail to address the reality that employees are constantly sharing and sending data from their devices to external parties, cloud storage services, and other destinations outside the organization's control.

Meaningful endpoint security requires not only protection for the device, but persistent protection for sensitive data that travels from the device to other devices, other operating systems, and other networks.

Protect data at the source

PKWARE's Smartcrypt is the only data protection solution that applies persistent encryption on endpoint devices, with simplified key management and enterprise-wide policy management. With Smartcrypt, organizations can maintain complete control over sensitive information on laptops, desktops, phones, and tablets, even after the data is copied or shared.

Smartcrypt's innovative approach to endpoint data protection allows organizations to encrypt sensitive information as soon as it appears on a user device, without the tradeoffs that endpoint encryption has traditionally required. Smartcrypt integrates with Microsoft Office, allowing users to save and open encrypted documents without disruptions to their normal workflows.

How it works

The Smartcrypt for Files and Folders agent is installed on any user device that may be used to create, process, or store sensitive data. Agents apply the organization's encryption policies as defined in the Smartcrypt Enterprise Manager administrative console.

After deployment, Smartcrypt agents monitor all file activity on protected devices. Depending on the organization's policies, Smartcrypt can encrypt all files on a device, or use data discovery and classification to determine which files should be encrypted.

Whether encrypted files are saved on a computer’s hard drive, stored on removable media, or backed up on a cloud service, the files can only be accessed by authorized users.

Find, classify, and encrypt sensitive information

When Smartcrypt is integrated with Boldon James Classifier, organizations can add data classification to their security policies, while maintaining a streamlined, intuitive user experience.

Classification and Encryption Workflow

Smartcrypt can be configured to search for Boldon James Classifier-tagged files on laptops and desktops, and to encrypt tagged files according to the organization's policies. Smartcrypt can also detect untagged sensitive information and initiate classification via Classifier. Administrators define the types of sensitive data they want to find, as well as the locations they want to search for it.

Contact Sales

Smartcrypt Platform

Learn more about PKWARE's smart encryption platform.

Learn More


More information on the Smartcrypt for Files and Folders agent.

Read PDF


PKWARE's Smartcrypt is the most powerful, most flexible enterprise solution for endpoint encryption.

Provides strong protection for sensitive data without disruptions to user workflows

Automates the discovery and remediation of unencrypted sensitive data

Applies persistent strong encryption that travels with protected files, even outside the organization

Enables organization-wide control and consistent policy enforcement

Encrypted files are as much as 90 percent smaller than the unencrypted data