I recently had a conversation with one of our customers about the automatic encryption webinar they attended. The webinar demonstrated how companies can implement AES encryption on their AS/400 without making application changes.
AES encryption is the standard when it comes to encrypting data in a database. Advanced Encryption Standard (AES) has been adopted as a standard by the US government and many state and local agencies. AES is the recommended encryption method for PCI, HIPAA/HITECH, GLBA and individual state privacy regulations. AES encryption uses an encryption key to encrypt the data. Typically, this key is stored on the AS/400 and used when the data needs to be decrypted. To side track here a little, this is not a good idea. Leaving your encrypted data and keys in the same place is like leaving the key to your house under your door mat. If you want to learn more about why this is a bad idea, take a look at this blog article on the topic.
PGP Encryption
AES encryption and PGP encryption solutions work together to ensure that all your sensitive data is secure. AES will protect data at rest within your organization and PGP encryption keeps it secure when it is sent outside your company.
I hope this has been helpful in better understanding the differences and similarities of PGP encryption and AES encryption. Learn more about AES and PGP encryption with the webinar "Automatic Encryption on the IBM i" that spurred this conversation or the whitepaper "AES Encryption and Related Concepts".