Free Download
    • Pricing
    Free Download
    GLBA · SOX · PCI-DSS · FFIEC · NYDFS Part 500 · FIPS 140-2

    PowerArchiver for Financial Services

    FIPS 140-2 validated AES-256 across every regulated data path: customer NPI archives, Secure FTP vendor exchange, encrypted Outlook attachments, VSS-aware backups. The encryption your audit teams cite for GLBA, SOX, and PCI-DSS — one perpetual license, deployed via your MSI workflow. Used by banks, credit unions, broker-dealers, and insurance carriers.
    Request a quoteVolume pricing
    Compliance

    Where PowerArchiver shows up in your control matrix

    PowerArchiver doesn't replace your compliance program — it provides validated cryptographic and access controls that your auditor expects to see when reviewing data-protection technical safeguards. For formal FIPS 140-2 certificate documentation in your GLBA / SOX / PCI-DSS audit binder, Enterprise licensing carries the validation paperwork; Business / Professional / Toolbox ship the same AES-256 engine for encryption strength. Compliance documentation supplied for your audit binder on request.
    GLBA Safeguards Rule

    Customer-information protection

    The Gramm-Leach-Bliley Safeguards Rule (16 CFR §314.4) requires financial institutions to encrypt customer information at rest and in transit. PowerArchiver's FIPS 140-2 validated AES-256 satisfies the encryption-strength expectation for both. The 2023 amendment added explicit MFA, encryption, and access-control requirements — PowerArchiver's admin-lockdown + password-policy stack covers the controls layer.
    See security stack →
    SOX Section 404

    Internal controls over financial reporting

    Sarbanes-Oxley §404 puts management on the hook for the integrity of financial-reporting systems. PowerArchiver's HMAC-protected PAE2 archives and OpenPGP signed deliverables provide the tamper-evident audit trail your external auditor wants when reviewing data movement between consolidation systems, financial close packages, and audit workpaper exchanges.
    Audit workflows →
    PCI-DSS v4.0

    Cardholder data encryption

    PCI-DSS Requirement 3 mandates strong cryptography for stored cardholder data; Requirement 4 covers transmission over public networks. PowerArchiver's AES-256 (FIPS 140-2 validated) addresses both requirements when used for archived card data, monthly QSA evidence packages, and chargeback-package transmission to acquirers.
    Encryption details →
    FFIEC IT Handbook, NYDFS 23 NYCRR Part 500, and FINRA Rule 4370. Each regulator-specific framework names encryption and access controls as required technical safeguards. PowerArchiver supplies the same FIPS 140-2 cryptographic plumbing across all of them — your control narrative cites the same product whether the audit is FFIEC IT examination, NYDFS cybersecurity, or FINRA business-continuity. Drop into your existing risk-control matrix; the documentation cross-references each regime.
    Security stack

    NPI protected at rest, in storage, and in transit

    Encryption coverage that satisfies GLBA, FFIEC, NYDFS, and PCI-DSS technical-safeguard requirements end-to-end. Administrators can force any combination of these settings on the user fleet via MSI properties or GPO.

    AES-256 customer-data archives

    FIPS 140-2 validated ZIP-AES + the strengthened PAE2 container with filename + size + timestamp encryption. Account numbers, customer names, and transaction metadata aren't visible in archive listings — keeps NPI off shoulder-surfable file lists.

    Secure FTP with FIPS-validated TLS

    SFTP and FTPS over Microsoft CryptoAPI's FIPS 140-2 validated TLS. Use for vendor file exchange, regulator submissions, intercompany transfers, and any partner integration covered by your information-sharing agreement.

    Outlook encrypted attachments

    One-click encrypts attachments to AES-256 directly in the Outlook ribbon. Defaults are admin-lockable: prevent users from sending unencrypted financial data to external counsel, auditors, or regulators by accident.

    OpenPGP signing for audit packages

    Sign and encrypt audit deliverables with OpenPGP — RSA-4096 / ECC P-384, SHA-256 / 384 / 512 hashes. Auditors verify provenance with their existing PGP toolchain. Works with both internal-audit and external-audit workflows.

    VSS-aware Backup

    Volume Shadow Service captures consistent snapshots of locked / open files (mailboxes, transaction logs, regulated workload data). AES-256 encryption by default. Routes to local NAS + cloud + offsite simultaneously per your business-continuity plan.

    Password policy enforcement

    Force minimum password length and required character classes (lower / upper / numeric / symbol) at policy level. Combined with the password-profile dropdown, eliminates shared-passphrase patterns that trigger audit findings.

    Deploy via existing IT

    MSI · GPO · audit-friendly · five-minute fleet rollout

    Financial-services IT teams have deployed PowerArchiver for 16+ years. Single registration key for the entire fleet. Silent install. Lockdown matches the change-control rigor your audit committee expects.
  • Windows Installer (MSI) — push via SCCM, Intune, GPO, or your existing change-managed deployment tooling. 64-bit and 32-bit packages available.
  • Single-key registration — deploy via GPO or registry merge before or after installation. No per-machine activation overhead, no telemetry beyond the activation check.
  • Forced FIPS 140-2 mode — when Windows is configured in FIPS mode, PowerArchiver inherits the OS-level constraint and rejects non-FIPS algorithms automatically. No PowerArchiver-side configuration needed.
  • Force settings on users — require ZIP-AES 256, enforce minimum password policies, disable any major feature individually (cloud connectors, FTP, Backup, Encryption Suite). Give users only the paths your control matrix permits.
  • Air-gap deployment supported — for segregated trading floors, regulated production environments, or DR datacenters. License activation works via dedicated registry-merge path; no internet connection required at runtime.
  • Change-control friendly — major and minor versions are documented in release notes; signed installers make hash verification trivial for your software-bill-of-materials process. Compatible with rigorous test → UAT → production promotion cycles.
    • Business Volume Pricing

    Per-seat licenses scale with quantity

    Volume discounts apply to Business, Professional, Professional Toolbox, and Enterprise per-seat licenses. The more you buy, the lower the per-license price. At ~500–1,000 seats consider Enterprise ($59.95 with volume rates) or Enterprise Unlimited for org-wide flat-fee deployment with FIPS / HIPAA / DFARS compliance built in.

    Business

    QuantityPer licenseSave
    1$22.95
    2–9$16.0030%
    10–24$13.0043%
    25–49$11.0052%
    50–99$8.5063%
    100–199$6.5072%
    200–499$5.0078%
    500–999$3.5085%
    1000+$2.9087%

    Professional

    QuantityPer licenseSave
    1$34.95
    2–9$25.0028%
    10–24$20.0043%
    25–49$17.0051%
    50–99$13.0063%
    100–199$10.0071%
    200–499$7.5079%
    500–999$5.0086%
    1000+$4.0089%

    Professional Toolbox

    QuantityPer licenseSave
    1$49.95
    2–9$35.0030%
    10–24$28.0044%
    25–49$22.0056%
    50–99$17.0066%
    100–199$14.0072%
    200–499$10.5079%
    500–999$7.0086%
    1000+$5.5089%

    Enterprise

    QuantityPer licenseSave
    1$59.95
    2–9$45.5024%
    10–24$36.5039%
    25–49$28.5052%
    50–99$20.5066%
    100–199$18.0070%
    200–499$13.5077%
    500–999$9.0085%
    1000+$7.0088%

    When to switch to Enterprise: if you need FIPS 140-2, HIPAA / DFARS validation, audit logging, or centralized IT-control features, jump to Enterprise at $59.95 per-seat (volume rates available) — those compliance + IT features aren't in Business / Professional / Professional Toolbox. For org-wide deploys at high seat counts, Enterprise Unlimited (from $4,995) is typically more cost-effective than per-seat math above ~500 seats. Talk to sales for an Enterprise volume or Unlimited quote.

    Prices shown in your region's currency (USD by default; £ on the UK variant). Volume orders billed via PO with NET-30 available for established companies. Request a formal volume quote →
    Common deployments

    Where financial-services IT actually uses PowerArchiver

    A snapshot of the workflows where PowerArchiver shows up most often in financial-institution fleets. Each pattern is supported by features in PowerArchiver Professional or Toolbox.
    Workflow PowerArchiver feature Compliance angle
    External auditor data delivery OpenPGP signed AES-256 archives SOX §404 audit-trail integrity
    Encrypted email to outside counsel / regulators Outlook add-in + AES-256 PAE2 GLBA Safeguards Rule transit encryption
    Vendor-exchange SFTP (clearing, custody, payments) Secure FTP/SFTP with FIPS 140-2 TLS FFIEC vendor-management technical safeguards
    Cardholder-data archive storage FIPS-validated AES-256 + filename encryption PCI-DSS Requirement 3
    Regulatory submission package transfer SFX self-extracting archives + AES-256 NYDFS cybersecurity event reporting
    Production backup of regulated workloads PowerArchiver Backup (VSS + scheduling) FFIEC business-continuity / FINRA Rule 4370
    End-of-life workstation sanitization DoD 5220.22-M file wipe GLBA media-disposal safeguards
    For specific control-narrative language naming PowerArchiver as the technical safeguard, the FIPS 140-2 certificate package, or a vendor-due-diligence questionnaire response, contact us.
    Procurement

    Talk to us about your bank, broker-dealer, or insurance carrier

    Volume per-seat pricing for departmental rollouts; Enterprise Unlimited for organization-wide coverage. Vendor-due-diligence questionnaires returned within one business day. Direct response from sales engineering — no inbound-SDR funnel.
    Request a quote View Enterprise tiers
  • Email: ordering@conexware.com
  • Phone: 1-888-302-8800
  • Office: ConeXware, Inc. · 11654 Plaza America Dr. #350 · Reston, VA 20190 · USA
    • Need help?

    Get unstuck

    🛟

    Support

    Installation issues, license activation, registration recovery — submit a ticket through the support form and we'll respond within one business day.
    Open the support form →
    📚

    Wiki

    Feature documentation, command-line reference (PACL), MSI deployment notes, FAQ archives, and configuration guides for IT.
    Browse the Wiki →
    🔑

    Order Recovery

    Lost your license key, need to re-download an old purchase, or want to update billing details? Manage everything from your ConeXware account.
    Recover an order →