Skip to content

On Friday, Google announced that it is adding end-to-end encryption (E2EE) to Gmail on the web, allowing registered Google Workspace users to send and receive encrypted email within their domain and beyond.

Client-side encryption (what Google calls E2EE) was already available to users of Google Drive, Google Docs, Sheets, Slides, Google Meet, and Google Calendar (beta).

Once enabled, Gmail client-side encryption will ensure that any sensitive data provided as part of the email body and attachments cannot be decrypted by Google’s servers.

“With Google Workspace Client-Side Encryption (CSE), content encryption is performed in the client’s browser before any data is transmitted or stored in Drive cloud-based storage,” Google explained on its support site.

“That way, Google’s servers can’t access your encryption keys and decrypt your data. After configuring CSE, you can choose which users can create client-side encrypted content and share it internally or externally.”

They can apply for the beta by January 20, 2023 by submitting their Gmail CSE Beta Test application, which must include an email address, Project ID, and domain of the test group.

Gmail E2EE beta is currently available for Google Workspace Enterprise Plus, Education Plus, and Education Standard customers.

The company says the feature isn’t yet available with personal Google Accounts or for older customers of Google Workspace Essentials, Business Starter, Business Standard, Business Plus, Enterprise Essentials, Education Fundamentals, Frontline, and Nonprofits, as well as G Suite Basic and Business. .

After Google responds that the account is ready, administrators can configure Gmail CSE for their users by going through the following procedure to configure their environment, prepare S/MIME certificates for each user in the test group, and configure the basic service and to adjust. identity provider.

Gmail E2EE beta
Sending and receiving encrypted emails in Gmail (Google).

The feature will be disabled by default and can be enabled at the domain, organizational unit, and group levels by going to Admin Panel > Security > Access and Data Control > Client-Side Encryption.

Once enabled, you can enable E2EE for any message by clicking the lock icon next to the “Recipients” field and clicking “Enable” under the “Additional encryption” option.

You can then compose your Gmail message and add email attachments as you normally would.

“Google Workspace already uses the latest encryption standards to encrypt all data at rest and in transit between our facilities,” Google added.

“Client-side encryption helps strengthen the privacy of your data while helping to address a wide range of data sovereignty and compliance requirements.”


Leave a Reply

Your email address will not be published. Required fields are marked *