Google Workspace Extends Client-Side Encryption to Gmail

google workspace gmail hero approved

Google has recently announced client-side encryption support for Gmail on the web. The long-awaited security feature is currently available in public beta and lets Google Workspace users send and receive encrypted emails.

With client-side encryption enabled, Gmail on the web now lets IT admins secure email communication within and outside their domain. The feature fully encrypts the body of the email, inline images, and attachments. However, it doesn’t encrypt email headers, the subject, recipients, and time stamps.

“Google Workspace already uses the latest cryptographic standards to encrypt all data at rest and in transit between our facilities. Client-side encryption helps strengthen the confidentiality of your data while helping to address a broad range of data sovereignty and compliance needs,” Google explained in a blog post.

Google Adds Client-Side Encryption Support to Gmail for Workspace

How to turn on client-side encryption in Gmail on the web

Google notes that IT admins will first need to turn on client-side encryption by navigating to the Admin console >> Security >> Access and data control > Client-side encryption. Once enabled, Gmail users can click on the lock icon in the message compose box and select the Turn on option under Additional encryption.

Finally, compose the message, add attachments (if any) and then send the email. The recipient should have client-side encryption enabled and valid certificates in order to receive encrypted emails.

It is worth noting that client-side encryption support is already available in several other Google Workspace products. These include Google Drive, Google Meet, Google Sheets, Google Slides, and Google Docs. Moreover, the security feature is also available in beta for Google Calendar.

Currently, client-side encryption is available in public beta for Google Workspace Enterprise Plus, Education Plus, and Education Standard edition plans. However, it’s not supported for personal accounts just yet.

Overall, Google notes that this feature should help to meet the compliance needs of aerospace, defense, financial institutions, and government customers. If you’re interested, you can sign up for the Gmail client-side encryption beta program on this page until January 20, 2023.