Google announced end-to-end encryption for Gmail web

Pierluigi Paganini December 18, 2022

Google introduces end-to-end encryption for Gmail web to its Workspace and education customers to protect emails sent using the web client.

Google announced end-to-end encryption for Gmail (E2EE), with Gmail client-side encryption beta, users can send and receive encrypted emails within their domain and outside of their domain. 

Google E2EE was already available for users of Google Drive, Google Docs, Sheets, Slides, Google Meet, and Google Calendar (beta).

The IT giant announced that the client-side encryption in Gmail on the web will be available in beta for Google Workspace Enterprise Plus, Education Plus, and Education Standard customers. Users can apply for the beta until January 20, 2023.

Using end-to-end encryption for Gmail will make sensitive data in the email body and attachments from indecipherable to Google servers.

“Client-side encryption helps strengthen the confidentiality of your data while helping to address a broad range of data sovereignty and compliance needs.” reads the announcement published by Google.

“Using client-side encryption in Gmail ensures sensitive data in the email body and attachments are indecipherable to Google servers. Customers retain control over encryption keys and the identity service to access those keys.”

Google Workspace Client-side encryption (CSE) allows handling content encryption in the client’s browser before data is transmitted or stored in Drive’s cloud-based storage.

The company pointed out that it can’t access users’ encryption keys.

End users can add client-side encryption to any message by click the lock icon and select additional encryption.

 

end-to-end encryption Gmail

“Google Workspace already uses the latest cryptographic standards to encrypt all data at rest and in transit between our facilities. Client-side encryption helps strengthen the confidentiality of your data while helping to address a broad range of data sovereignty and compliance needs.” concludes the announcement. “Client-side encryption is already available for Google Drive, Google Docs, Sheets, and Slides, Google Meet, and Google Calendar (beta).”

Follow me on Twitter: @securityaffairs and Facebook and Mastodon

[adrotate banner=”9″][adrotate banner=”12″]

Pierluigi Paganini

(SecurityAffairs – hacking, Gmail)

[adrotate banner=”5″]

[adrotate banner=”13″]



you might also like

leave a comment