Google launches client-side encryption feature in Gmail for business security
In the digital age, protecting sensitive information during email exchanges is essential, especially when working on the go. Google has recognized this need for heightened privacy and is introducing client-side encryption in the mobile version of Gmail, offering users an additional layer of security when sending emails.
Client-side encryption is a security measure that encrypts data on the sender's device before it is transmitted to the recipient's device. This means that only the sender and recipient have the keys to decrypt the data, and no one else, including Google, can access it.
The feature in Gmail mobile encrypts the body and attachments of emails before they are sent. The encrypted emails are then stored on Google's servers, but Google cannot decrypt them. Only the recipient can decrypt the emails using the encryption key that is provided to them by the sender.
This new feature offers a number of benefits, including: enhanced privacy to ensure that only the sender and recipient of an email can access it, even Google cannot access the encrypted data; It can help organisations comply with data protection regulations, such as the General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA); the feature can help to protect data from unauthorized access, even if the data is intercepted in transit.
Moreover, if Google's servers were to be hacked, attackers would not be able to access any encrypted data. Businesses can also show their customers and partners that they are committed to protecting their data by using client-side encryption.
To enable client-side encryption for Gmail mobile, admins need to configure their settings under the Security section in the Gmail console. Users can then activate the feature by tapping on the lock icon and opting in for additional encryption when sending an email on Android or iOS.
The feature is currently only available to Workspace Enterprise Plus, Education Plus, and Education Standard accounts. Additionally, some features, such as multi-send mode, signatures, and Smart Compose, are not available when using client-side encryption.