Gmail
client-side
encryption
(CSE)
is
now
available
for
Workspace
Enterprise
Plus,
Education
Plus,
and
Education
Standard
customers.
Google
announced
that
Gmail
client-side
encryption
(CSE)
is
now
available
for
all
Google
Workspace
Enterprise
Plus,
Education
Plus,
and
Education
Standard
customers.
In
December,
Google
announced
end-to-end
encryption
for
Gmail
(E2EE),
with
Gmail
client-side
encryption
beta
users
can
send
and
receive
encrypted
emails
within
their
domain
and
outside
of
their
domain.
Google
E2EE
was already
available for
users
of
Google
Drive,
Google
Docs,
Sheets,
Slides,
Google
Meet,
and
Google
Calendar
(beta).
The client-side
encryption in
Gmail
on
the
web
was
initially
available
in beta for
Google
Workspace
Enterprise
Plus,
Education
Plus,
and
Education
Standard
customers.
Using
end-to-end
encryption
for
Gmail
will
make
sensitive
data
in
the
email
body
and
attachments
from
indecipherable
to
Google
servers.
Google
Workspace
Client-side
encryption
(CSE)
allows
handling
content
encryption
in
the
client’s
browser
before
data
is
transmitted
or
stored
in
Drive’s
cloud-based
storage.
The
company
pointed
out
that
it
can’t
access
users’
encryption
keys.
End
users
can
add
client-side
encryption
to
any
message
by
clicking
the
lock
icon
and
select
additional
encryption.
“Client-side
encryption
takes
this
encryption
capability
to
the
next
level
by
ensuring
that
customers
have
sole
control
over
their
encryption
keys—and
thus
complete
control
over
all
access
to
their
data.
Starting
today,
users
can
send
and
receive
emails
or
create
meeting
events
with
internal
colleagues
and
external
parties,
knowing
that
their
sensitive
data
(including
inline
images
and
attachments)
has
been
encrypted
before
it
reaches
Google
servers.”
reads
the
announcement
published
by
the
company.
The
move
to
expand
CSE
capabilities
across
Google
Workspace
will
give
organizations
more
confidence
that
any
third
party,
including
Google
and
foreign
governments,
cannot
access
their
confidential
data.
“Users
can
continue
to
collaborate
across
other
essential
apps
in
Google
Workspace
while
IT
and
security
teams
can
ensure
that
sensitive
data
stays
compliant
with
regulations.”
continues
the
announcement.
“As
customers
retain
control
over
the
encryption
keys
and
the
identity
management
service
to
access
those
keys,
sensitive
data
is
indecipherable
to
Google
and
other
external
entities.”
Users
can
enable
“additional
encryption”
by
clicking
the
lock
icon
next
to
the
Recipients
field.
The
Gmail
client-side
encryption
(CSE)
will
be
off
by
default,
but
admins
can
turn
on
the
feature
from
Admin
console
>
Security
>
Access
and
data
control
>
Client-side
encryption.
The
company
published
a
guide
to
“Set
up
organization
for
Gmail
client-side
encryption“.
“The
company
says
the
feature
is
not
yet
available
to
users
with
personal
Google
Accounts,
as
well
as
for
Google
Workspace
Essentials,
Business
Starter,
Business
Standard,
Business
Plus,
Enterprise
Essentials,
Education
Fundamentals,
Frontline,
and
Nonprofits,
or
legacy
G
Suite
Basic
and
Business
customers.
“While
each
customer’s
digital
transformation
journey
is
different,
with
all
essential
Google
Workspace
apps
now
being
covered
by
CSE,
companies
of
all
sizes
in
all
industries
can
benefit
from
these
protections.” concludes
Google.
Follow
me
on
Twitter:
@securityaffairs
and
Facebook
and
Mastodon
(SecurityAffairs –
hacking,
Google
Gmail
client-side
encryption)
Share
On
About Author
