On and on, we tell you to avoid using Google’s products, though we realize, in many instances – that’s easier said than done.
Take Gmail, for example; you pretty much must have a Gmail account if you’re an Android user.
Well, we want to give credit where credit is due, even when it’s related to Google — which has announced the expansion of its Google Workspace’s client-side encryption for Gmail through a new beta program.
The search giant already offers client-side encryption (CSE) for Google Drive, Google Docs, Sheets, Slides, Google Meet, and Google Calendar (beta). Now, it wants to extend this feature to Gmail for Google Workspace Enterprise Plus, Education Plus, and Education Standard customers. Customers using these products can apply for the beta till January 20 next year.
The CSE is basically another layer of data protection that makes the sensitive data in the email body and attachments indecipherable to even Google and its servers. The company says that “consumers can retain control over encryption keys and the identity service to access those keys.”
However, there are some limitations to what is actually encrypted. For instance, encryption doesn’t apply to the email header – which includes subject, timestamps, and recipients lists. Also, some features are not supported with client-side encryption, such as Smart compose, confidential mode, multi-send, emoji, and more. Finally, CSE is only available on the mobile app for iOS and Android phones for now.
Nevertheless, it can be helpful for organizations handling sensitive data such as intellectual property. And as such, the CSE would benefit companies in highly industry-regulated industries like defense, government, and finance.
If you’re one of the qualifying customers for the beta program, you can apply for it over the next several weeks. After acceptance, the feature can be enabled at the domain, OU, and Group levels from the Admin console -> Security -> Access and data control -> Client-side encryption.
End users on their end can add the CSE to any message sent internally or externally via Gmail by clicking the new padlock icon right next to Cc and Bcc tags. It showcases a new additional protection window featuring a “Turn on” button. Users can then send their sensitive data in the body and attachments after enabling the feature and stay protected.
Again, we’re glad Google is taking this route and can only hope they will extend the CSE to all of their users. We can hope, can’t we?