Google is making client-side encryption in Gmail available to business users

Spread the love

Google has made the previously announced client-side encryption in Gmail generally available to Workspace and Education users. With that encryption, messages are scrambled before they reach Google’s servers.

Google writes that it has made client side encryption, or CSE, generally available to Gmail users within Workspace Enterprise Plus and within the Education Standard and Education Plus education packages. With CSE, the body and attachments of emails are encrypted, but headers are still unencrypted. This only applies client side. The e-mails cannot be intercepted by Google and other external parties, but an organization can retrieve the decryption keys if necessary to decrypt messages. This is often necessary within companies for compliance requirements, for example.

Administrators of a Workspace or Education package can set when users can turn encryption on or off. Users can then do this themselves in Gmail, for which there is a separate button. It is also possible to enable ‘additional encryption’. In that case, a sender forces a recipient to log in first to read a message, for example if that recipient is within the same identity management policies. By default, encryption is off.

Google already announced the CSE functionality as a beta in December, but it is now final. Whether a similar feature will ever be available to standard Gmail users is unknown.

You might also like
Exit mobile version