Gmail strengthens security with client-side encryption
The client-side Encryption (CSE) is available in beta for Gmail.
What you need to know
- Google announces client-side encryption for Gmail (for web) in beta.
- It adds an extra layer of protection for sensitive data and attachments in an email.
- Google Workspace Enterprise Plus, Education Plus, and Education Standard customers can apply for the beta until January 20, 2023.
Google announced that it is expanding its Google Workspace’s client-side encryption for Gmail through a new beta program.
The search giant’s proprietary client-side encryption (CSE) is already available for Google Drive, Google Docs, Sheets, Slides, Google Meet, and Google Calendar (beta). The company plans to expand it to Gmail for Google Workspace Enterprise Plus, Education Plus, and Education Standard customers. They are eligible to apply for the beta till January 20, next year, per the Google Workspace announcement post.
When utilized in Gmail, the CSE promises to make the sensitive data in the email body and attachments indecipherable to even Google and its servers. Google says that "consumers can retain control over encryption keys and the identity service to access those keys."
That said, there are some limitations to what is actually encrypted. According to a support page, the email header — including subject, timestamps, and recipients lists — is not encrypted. Some features are also not supported with client-side encryption, such as Smart compose, confidential mode, multi-send, emoji, and more. CSE is also only available on the mobile app for iOS and Android phones for now.
Still, it can be beneficial for organizations handling sensitive intellectual property. Those can include highly industry-regulated firms like defense, government, and financial firms.
Google says it will accept beta applications from businesses willing to try out the new CSE program over the next several weeks. After acceptance, the feature will be turned off by default for Admins. They can be enabled at the domain, OU, and Group levels by heading to Admin console > Security > Access and data control > Client-side encryption.
The end-users can add the CSE to any message sent internally or externally via Gmail by clicking the new padlock icon right next to Cc and Bcc tags. It showcases a new additional protection window featuring a "Turn on" button. Users can then send their sensitive data in the body and attachments after enabling the feature and stay protected.
Get the top Black Friday deals right in your inbox: Sign up now!
Receive the hottest deals and product recommendations alongside the biggest tech news from the Android Central team straight to your inbox!
Vishnu is a freelance news writer for Android Central. Since 2018, he has written about consumer technology, especially smartphones, computers, and every other gizmo connected to the internet. When he is not at the keyboard, you can find him on a long drive or lounging on the couch binge-watching a crime series.