Google announced this Friday that it will add end-to-end encryption (E2EE) to Gmail on the web, allowing registered Google Workspace users to send and receive encrypted email inside and outside their domain.
End-to-end encryption is a form of data protection designed to ensure this only the final recipient can read the data. It is mainly used to protect the privacy of messaging, chat and voice call users and several services have it: WhatsApp, Telegram and other applications. Given the large number of data leaks, it is a key tool.
Client-side encryption (as Google calls E2EE) was already available to users of Google Drive, Google Docs, Sheets, Slides, Google Meet, and Google Calendar (beta). It will now be available in post offices to make them more secure.
Once enabled, Gmail’s client-side encryption will ensure that sensitive data provided as part of the email body and attachments cannot be decrypted by Google’s servers.
“With Google Workspace client-side encryption (CSE), content encryption is handled in the client browser before data is transmitted or stored in storage. Cloud-based driveGoogle explained on its support website.
“This way, Google’s servers cannot access your encryption keys and decrypt your data. After setting up CSE, you can choose which users can create client-side encrypted content and share it internally or externally.”
The beta can be requested until January 20, 2023 by submitting a Gmail CSE beta test request, which must include the email address, the project ID and domain of the test suite.
Gmail E2EE beta is currently available to Google Workspace Enterprise Plus, Education Plus, and Education Standard customers.
Availability
The company says the feature is not yet available to users with personal Google accounts or Google Workspace Essentials, Business Starter, Business Standard, Business Plus, Enterprise Essentials, Education Fundamentals, Frontline and Nonprofits, as well as legacy customers of G Suite Basic and Business.
After Google emails back that the account is ready, administrators can set up Gmail CSE for their users by following the steps below to set up their environment, prepare S/MIME certificates for each user in the test suite, and configure the key service and identity provider.
The feature will be disabled by default and can be enabled at the domain, OU, and group level from Admin Console > Security > Data & Access Control > Client-Side Encryption.
Once enabled, E2EE can be turned on for any message by clicking the lock icon next to the Recipients field and clicking “Enable” under the “Additional Encryption” option.
You can then compose your Gmail message and add email attachments as you normally would.
“Google Workspace already uses the latest cryptographic standards to encrypt all data at rest and in transit between our facilities,” Google added.
“Client-side encryption helps strengthen the privacy of your data by helping you resolve it a wide range of needs compliance and data sovereignty,” they concluded.
Source: Clarin
Linda Price is a tech expert at News Rebeat. With a deep understanding of the latest developments in the world of technology and a passion for innovation, Linda provides insightful and informative coverage of the cutting-edge advancements shaping our world.