When a major bank, asset manager, or credit bureau says you’ll exchange files PGP-encrypted with these keys on this schedule, Files.com makes that mandate trivial to meet — encrypting and decrypting automatically inside the workflow you already run, and managing the entire key lifecycle for you. It is not the cipher that’s hard. It is the key exchange, the rotation, and the setup. Files.com runs all of it.
GPG — and its predecessor PGP — is the public-key encryption standard that large organizations require of anyone who exchanges files with them. The buyer here usually isn’t a security team shopping for encryption. It’s the company or vendor that has to satisfy a big counterparty’s PGP requirement to keep doing business with them. The mandate arrives, and suddenly it’s your problem to implement, and it has to fit the flow you already run.
Files.com makes it easy on both fronts: the encryption happens automatically inside the transfer, and the genuinely painful part — the key management — is handled too. You meet the contractual requirement without standing up a separate PGP server, distributing private keys to every system that touches the file, or maintaining the GnuPG glue scripts legacy MFT tools force on you.
Configure it once per folder, and encryption happens on every file automatically, with nobody on your team running a script or touching a key by hand.
When a file lands in a folder you’ve set up for it, Files.com encrypts it with your partner’s public key so only they can read it — or decrypts an inbound file with your private key so it flows into your downstream systems in plain form. No wrapper scripts, no manual step.
This is the part that actually hurts: generating keys, storing them safely, rotating them on the counterparty’s schedule, and exchanging public keys. The GPG Key Manager runs all of it — generate or import keys in the UI, attach them to folders or partners, and rotate without touching filesystem scripts or per-machine keyrings.
Set per-folder keys so each partner or workflow has its own encryption boundary, enforced by your folder structure rather than by an external orchestration tool you have to maintain.
GPG Recryption decrypts with one key and re-encrypts with another in one operation — for partner-to-partner exchange where the inbound and outbound key pairs are different. The file is never left sitting in plaintext between steps.
GPG isn’t a standalone tool — it’s a step inside an automated workflow. Inbound: an encrypted file arrives, GPG decrypts it, and an automation routes the plaintext to your downstream system. Outbound: an automation prepares the file, GPG encrypts it with the partner’s key, and it’s delivered. For partners who layer PGP on top of AS2 and EDI, the two compose in the same flow.
Every GPG operation is logged — the file, the user or automation that started it, the key used, and the timestamp — so you have the per-event record a partner audit asks for. Tamper detection (MDC) is supported on encrypted payloads. GPG with your own keys is available on Power and above; see what each plan includes on the pricing page.
What teams ask about which protocols it covers, how it differs from at-rest encryption, key management, and pricing.
Start a free trial, generate or import your keys in the GPG Key Manager, and turn on automatic encryption for a folder. Onboard to the counterparty without the key-exchange drama.
No credit card required • Free for 7 days • Live in minutes