|Location-based File Encryption / Configuring location-based File Encryption settings in General Settings policies|
The content of files encrypted by File Encryption are decrypted on-the-fly, if the user owns the required key. When the content is saved as a new file in a location that is not covered by an encryption rule, the resulting file will not be encrypted.
With persistent encryption, copies of encrypted files will be encrypted, even when they are saved in a location not covered by an encryption rule.
You can configure persistent encryption in policies of the type General Settings. The policy setting Enable persistent encryption is activated by default.