Google has finally announced the most awaited feature for its email services. Enhancing privacy and making email deliveries more safe and secure, Google is bringing end-to-end encryption for its Gmail on the web. The feature is currently available in beta and is only available for Google Workspace Enterprise Plus, Education Plus, and Education Standard i.e normal education accounts.
Google in its recent blog post announced that all its enterprise users are eligible to sign up for the Gmail client-side encryption beta until January 20th, 2022. The new client-side encryption for the Gmail web will make user data and attachments encrypted and unreadable to any third person, even Google itself. That means all sensitive data of users in the email with attachments will be more secure.
“Using client-side encryption in Gmail ensures sensitive data in the email body and attachments are indecipherable to Google servers. Customers retain control over encryption keys and the identity service to access those keys,” cites Google in its blog post.
Why end-to-end encryption in Gmail is helpful
The end-to-end encryption in Gmail will ensure that users’ email messages are encrypted by the sender, and can only be decrypted by the intended recipient on their device. No third person, organisation and even email server Google itself can decrypt or read the messages and attachments sent with the email.
Notably, Google already provides client-side encryption on Google Drive, Docs, Sheets, Slides, Google Meet, and Google Calendar (beta). Now with the feature available for Workspace users. Although individual users will have to wait a bit to get the feature for personal Gmail accounts.
In the meantime, once the workspace users sign-up for client-side encryption , they will be able to send and receive encrypted emails within or outside their domain. Google further clarifies that all the email body and attachments, including inline images, will be encrypted with the new feature. However, Google will not encrypt the header of the email, including subject, timestamps, and recipients lists.
The client-side encryption feature is only available for users who will sign up for beta. Once the enterprise users join the beta program, the feature will be available but will be off by default. To enable end-to-end encryption at the domain, organizational unit, and Group levels, users will have to go to Admin console > Security > Access and data control > Client-side encryption.
Additionally, to add client-side encryption to any mail, users can click the lock icon available at the side of the message window. Next, select additional encryption, and compose the message and add attachments as normal.
Google has also announced to bring client-side encryption to its Gmail app for Android and iOS “in an upcoming release.”