Google is bringing client-side encryption to Gmail on the web, giving Google Workspace users the ability to add more security to their emails and strengthen the confidentiality of their data.
According to Google, Workspace Enterprise Plus, Education Plus and Education Standard customers are eligible to apply for the client-side encryption beta until Jan. 20, 2023.
The enhanced security feature is designed to protect sensitive data in the email body and attachments, making them indecipherable to Google servers. Customers will retain control over encryption keys and the identity service to access the keys, Google says.
While the company already uses the “latest cryptographic standards” to encrypt all data at rest and in transit between facilities, client-side encryption in Gmail can help strengthen the confidentiality of data and address data sovereignty and compliance needs, Google says in a Workspace updates blog.
In a support document, Google says content encryption is handled in the client’s browser before any data is transmitted or stored in Google’s cloud-based storage, preventing Google servers from accessing encryption keys. Admins can then choose which Gmail users can create client-side encrypted content and share it internally or externally.
Client-side encryption is already available for Google Drive, Google Dogs, Sheets, Slides, Google Meet and Google Calendar (beta).
Eligible Workspace customers can apply for the beta after completing several steps, but the feature will be off by default. It can be enabled at the domain, OU and Group levels, according to Google.
When enabled, end users can add client-side encryption to any Gmail message by clicking the lock icon and selecting additional encryption and creating the email as normal.
In a support document, Google says client-side encryption will be available for other Google services in a later release.
If you enjoyed this article and want to receive more valuable industry content like this, click here to sign up for our digital newsletters!