Google announced end-to-end encryption for Gmail web

December 18, 2022  By Pierluigi Paganini


Google introduces end-to-end encryption for Gmail web to its Workspace and education customers to protect emails sent using the web client.

Google announced end-to-end encryption for Gmail (E2EE), with Gmail client-side encryption beta, users can send and receive encrypted emails within their domain and outside of their domain. 

Google E2EE was already available for users of Google Drive, Google Docs, Sheets, Slides, Google Meet, and Google Calendar (beta).

The IT giant announced that the client-side encryption in Gmail on the web will be available in beta for Google Workspace Enterprise Plus, Education Plus, and Education Standard customers. Users can apply for the beta until January 20, 2023.

Using end-to-end encryption for Gmail will make sensitive data in the email body and attachments from indecipherable to Google servers.

“Client-side encryption helps strengthen the confidentiality of your data while helping to address a broad range of data sovereignty and compliance needs.” reads the announcement published by Google.

“Using client-side encryption in Gmail ensures sensitive data in the email body and attachments are indecipherable to Google servers. Customers retain control over encryption keys and the identity service to access those keys.”

Google Workspace Client-side encryption (CSE) allows handling content encryption in the client’s browser before data is transmitted or stored in Drive’s cloud-based storage.

The company pointed out that it can’t access users’ encryption keys.

End users can add client-side encryption to any message by click the lock icon and select additional encryption.

 

end-to-end encryption Gmail

“Google Workspace already uses the latest cryptographic standards to encrypt all data at rest and in transit between our facilities. Client-side encryption helps strengthen the confidentiality of your data while helping to address a broad range of data sovereignty and compliance needs.” concludes the announcement. “Client-side encryption is already available for Google Drive, Google Docs, Sheets, and Slides, Google Meet, and Google Calendar (beta).”

Follow me on Twitter: @securityaffairs and Facebook and Mastodon

[adrotate banner=”9″][adrotate banner=”12″]

Pierluigi Paganini

(SecurityAffairs – hacking, Gmail)

[adrotate banner=”5″]

[adrotate banner=”13″]



Pierluigi Paganini
Pierluigi Paganini is member of the ENISA (European Union Agency for Network and Information Security) Threat Landscape Stakeholder Group and Cyber G7 Group, he is also a Security Evangelist, Security Analyst and Freelance Writer. Editor-in-Chief at "Cyber Defense Magazine", Pierluigi is a cyber security expert with over 20 years experience in the field, he is Certified Ethical Hacker at EC Council in London. The passion for writing and a strong belief that security is founded on sharing and awareness led Pierluigi to find the security blog "Security Affairs" recently named a Top National Security Resource for US. Pierluigi is a member of the "The Hacker News" team and he is a writer for some major publications in the field such as Cyber War Zone, ICTTF, Infosec Island, Infosec Institute, The Hacker News Magazine and for many other Security magazines. Author of the Books "The Deep Dark Web" and “Digital Virtual Currency and Bitcoin”.





You might also like





  • Digging the Deep Web: Exploring the dark side of the web

    Digging The Deep Web

  • Center for Cyber Security and International Relations Studies

  • Subscribe Security Affairs Newsletter

    newsletter

  • SecurityAffairs awarded as Best European Cybersecurity Tech Blog at European Cybersecurity Blogger Awards

    EU Sec Bloggers Awards 22


More Story

Fire and rescue service in Victoria, Australia, confirms cyber attack

 The fire and rescue service in the state of Victoria, Australia, has shut down its network and turned to operating manually...