Google has let businesses apply to test client-side encryption for Gmail. The beta, announced in a blog post(Opens in a new window), makes “sensitive data” and attachments unreadable even to Google.
Workspace Enterprise Plus, Education Plus, and Education Standard customers are eligible to apply to use it until Jan. 20, 2023.
Once customers have successfully applied to use the feature, admins can enable it at domain, OU, and Group levels by visiting Admin console > Security > Access and data control > Client-side encryption.
Users can add client-side encryption to any email by clicking the lock icon and selecting ‘additional encryption’, as evidenced below.
According to The Verge(Opens in a new window), the feature is not yet compatible for use with emojis, a signature, and Smart Compose. In fact, as seen in the gif above, when client-side encryption is enabled via the lock, those features become inaccessible.
Google spokesperson Ross Richendrfer told The Verge in an email that it is possible to send encrypted emails to people who use other email clients such as ones from Microsoft or Apple.
Client-side encryption is already available for Google Drive, Google Docs, Sheets, and Slides, Google Meet, and Google Calendar (beta).
There is a key difference between end-to-end encryption and client-side encryption. According to a help document(Opens in a new window) from the company, client-side encryption gives administrators control over the keys and allows them to “monitor users’ encrypted files.”
Explaining the feature, Google said: “Using client-side encryption in Gmail ensures sensitive data in the email body and attachments are indecipherable to Google servers. Customers retain control over encryption keys and the identity service to access those keys.”
Recommended by Our Editors
The beta testing feature is not available to users with personal Google accounts, not users using Google Workspace Essentials.
PCMag reached out to Google to ask if the company had any plans to roll the feature out to personal Gmail users but did not immediately receive a response.
Google added client-side encryption to Drive for Workspace business users last year(Opens in a new window), before also rolling it out to Meet and launching the beta for Calendar.
Like What You’re Reading?
Sign up for SecurityWatch newsletter for our top privacy and security stories delivered right to your inbox.
This newsletter may contain advertising, deals, or affiliate links. Subscribing to a newsletter indicates your consent to our Terms of Use and Privacy Policy. You may unsubscribe from the newsletters at any time.
Hits: 0
