Contingency Key Support

Strong data encryption is a highly effective way to protect sensitive information from hackers, theft, and misuse. However, encryption can pose a problem for organizations if a user forgets a password, or if it is used maliciously to lock a company out of proprietary information. PKWARE's Contingency Key enables organizations to access any data that is encrypted by its employees. Contingency keys are effectively digital certificates that represent the organization as a whole, and are automatically used every time someone encrypts data.

Contingency keys are configured and deployed within the policy files you generate via the SecureZIP Policy Manager. You can configure a single contingency key or multiple keys, depending on your corporate security requirements. Likewise, different contingency keys can be deployed to different user groups, providing a high degree of flexibility. Although contingency keys are digital certificates, they can be applied to either password-based or certificate-based encrypted files - ensuring interoperability with your organization's security infrastructure.

SecureZIP can also detect when a contingency key is missing from a policy file, or is invalid. Either of these situations could mean that an end user was attempting to corrupt the policy file, or that a contingency key has been compromised. If this happens, SecureZIP will automatically default to read-only mode, prohibiting users from encrypting any new data until a valid contingency key is re-established by the administrator. This ensures that end users will not circumvent a policy in the event that a contingency key becomes unusable.