Organizations
subject
to
government
regulations
can
gain
more
control
over
their
own
security.
Google
Workspace
has
expanded
its
client-side
encryption
to
Gmail
and
Google
Calendar
for
users
of
Workspace
Enterprise
Plus,
Education
Standard
and
Education
Plus,
Google
announced
on
Tuesday.
This
gives
admins
who
use
these
products
more
control
over
their
organization’s
data
and
how
it
is
secured.
SEE: Google
Workspace
vs.
Microsoft
365:
A
side-by-side
analysis
w/checklist (TechRepublic
Premium)
This
new
security
measure
for
Gmail
and
Calendar
was
already
in
place
for
Google
Drive,
Docs,
Slides,
Sheets
and
Meet.
It
has
been
in
beta
since
June
2021
for
users
of
Google
Workspace
Enterprise
Plus
and
Google
Workspace
Education
Plus.
What
does
client-side
encryption
for
Gmail
and
Calendar
do?
Client-side
encryption
allows
admins
to
use
their
own
encryption
keys
to
secure
their
data,
giving
them
direct
control
over
the
keys
and
the
identity
provider
who
gives
access
to
them.
The
information
is
encrypted
before
it
gets
to
Google
servers.
Information
protected
this
way
can
be
made
indecipherable
to
external
entities,
including
Google.
Client-side
encryption
for
Google
Workspace
is
now
available
for
the
following:
-
Google
Drive
for
web
browser,
Drive
for
Desktop
(non-Google
file
formats
only),
and
Drive
on
Android
and
iOS
mobile
apps
(view-only
for
non-Google
file
formats). -
Gmail
for
web
browser
only. -
Google
Calendar
for
web
browser,
and
Calendar
on
Android
and
iOS
mobile
apps
in
beta. -
Google
Meet
for
web
browser
only.
Google
has
partnered
with
four
key
access
service
providers:
FlowCrypt,
Futurex,
Thales
and
Virtru.
Organizations
can
also
use
their
own
proprietary
key
services
via
Google’s
key
access
service
API.
First,
admins
will
need
to
set
up
key
access
service
with
one
of
the
participating
providers
or
with
the
Google
Workplace
CSE
API.
Client-side
encryption
for
Gmail
applies
to
sent
and
received
emails
and
meeting
invitations,
including
inline
images
and
attachments;
it’s
also
a
factor
in
some
data
sovereignty
and
compliance
requirements.
Users
will
see
a
lock
icon
on
their
email
composition
window;
clicking
it
shows
an
option
to
add
“additional
encryption”.
SEE:
Data
governance
checklist
for
your
organization
(TechRepublic
Premium)
Google
expects
to
add
client-side
encryption
support
for
Gmail
Android
and
iOS
mobile
apps
at
a
later
date.
They
also
plan
to
bring
Meet
on
Android,
iOS
mobile
apps
and
meeting
room
hardware
into
the
fold
in
a
later
release.
Google
Workspace
admins
can
see
full
documentation
here.
For
the
Calendar
beta,
signups
are
available
here.
Google
Workspace
takes
regulations
into
account
Some
of
Google’s
major
enterprise
customers,
including
Groupe
Le
Monde,
PwC
and
Verizon,
are
subject
to
shifting
regulatory
requirements,
which
may
have
encouraged
Google
to
push
client-side
encryption
through.
“These
features
now
being
available
across
Google
Workspace
represents
a
pivotal
moment
for
us.
We’re
enthusiastic
about
the
ability
to
continue
to
benefit
from
the
efficiency
of
work
that
Workspace
provides
us
with,
whilst
at
the
same
time
maintaining
trust
with
our
customers
that
their
confidential
data
will
stay
private
and
compliant,”
said
Shaun
Bookham,
UK
operations
&
technology
director
at
PwC.
In
other
Google
news,
the
tech
giant
is
pushing
for
cloud
solutions
alongside
rivals
Amazon
and
Microsoft.
Telecom
and
a
chat
AI
solution
are
also
on
the
roadmap.