Highlights
- Gmail aims to make end-to-end encryption easier for enterprise users.
- It will allow businesses to send secure emails across any service with minimal setup.
- CSE is available on Workspace Enterprise Plus tier with Assured Controls add-on.
- Businesses can join the beta program now, with encrypted emails expanding to all Gmail inboxes and email services by year-end.
Caption – Sending end-to-end encrypted emails will be easier on Gmail. (Image credit – Google)
Gmail is working on making end-to-end encrypted (E2EE) emails much easier to send, especially for businesses in regulated industries. The goal is to let enterprise users send E2EE messages to anyone, on any email service, with just a few clicks.
As of now, this process requires a lot of IT work because of the complexity of S/MIME and other proprietary solutions.
In a blog post titled “Making end-to-end encrypted emails easy to use for all organizations,” Google explained the problem, “IT teams need to acquire and manage certificates and deploy them to each user, resulting in additional efforts and costs. And end users have to figure out whether they and the recipient have S/MIME configured (few do) and then go through the hassle of exchanging certificates before the encrypted emails can be exchanged.”
To make this work, companies will need Client-Side Encryption (CSE), available on the Workspace Enterprise Plus tier with the Assured Controls add-on. Google says, “The emails are protected using encryption keys controlled by the customer and not available to Google servers, providing enhanced data privacy and security.”
ADD THE GIF –
Once set up, users can tap a lock icon when composing an email, and the window will turn blue to indicate encryption.
For Gmail users (personal or enterprise), the encrypted email is automatically decrypted in the inbox, and the recipient can read it normally. As for other email services, the recipient will receive a link to view the email in a restricted version of Gmail via a “guest Google Workspace account”, which also allows them to reply.
As of now, businesses can sign up for beta access to send encrypted emails within their organisation. In the coming weeks, this will expand to any Gmail inbox and by the end of the year, to any email service via a link or invite.
Google is also rolling out several new security features for Gmail, including Classification labels, CSE default mode, Data Loss Prevention (DLP) and a new AI-powered threat protection model.
FAQs
Q1. What is Gmail’s goal for end-to-end encryption (E2EE)?
Answer. Gmail aims to make E2EE easier for enterprise users by enabling secure emails across any service with minimal setup, especially for regulated industries.
Q2. What is Client-Side Encryption (CSE) and who can access it?
Answer. CSE is available on the Workspace Enterprise Plus tier with the Assured Controls add-on. It protects emails using encryption keys controlled by customers, ensuring enhanced privacy and security.
Q3. When will Gmail’s E2EE features be available to all email services?
Answer. Businesses can join the beta program now, and encrypted emails will expand to all Gmail inboxes and email services by year-end, along with additional security features.
Also Read:Gmail users targeted by AI phishing attacks and increasing cases of digital arrest scam