Google reveals better end-to-end encryption for Gmail business users

Gmail on MacBook
(Image credit: Stephen Phillips/Unsplash)

  • New Gmail E2EE method uses client-side encryption and customer-controlled keys
  • Gmail and non-Gmail users will all be able to open encrypted emails
  • It even works with organizations using S/MIME

Gmail enterprise users will be getting a new and improved end-to-end encryption model to keep their data safe in their email client, the company has revealed.

With the update, business users will be able to send encrypted emails to recipients using any email services, not just fellow Gmail users.

The change welcomes the simplification of the encryption process, eliminating the need to exchange certificates.

Gmail enterprise users are getting better E2EE

Explaining why the updated system is better, a blog post from Google Workspace Senior Product Manager Johney Burke and Product Manager Julien Duplant explained S/MIME requires certificates to be deployed and exchanged between all users before sending encrypted messages.

The Google leaders also noted that few organizations actually use S/MIME due to the complexity and cost.

Gmail’s new E2EE works by using client-side encryption and customer-controlled keys, which allows it to work regardless of the recipient client’s chosen email platform.

If the recipient is using Gmail (either as an enterprise or personal customer), the email will auto-decrypt in the inbox. Non-Gmail users will receive a link to view the message via a restricted version of Gmail. For companies that use S/MIME, Gmail will send an encrypted email via this method for a more seamless experience.

“IT teams also have the option to require all external recipients (even if they are Gmail users) to use the restricted version of Gmail,” Burke and Duplant added. “This helps ensure that their organization’s data does not end up stored on third-party servers and devices.”

Alongside the new encryption method, Google has also added a client-side encryption default mode so that IT teams can enforce encryption for sensitive teams, classification labels for easy email identification, data loss prevention (DLP) and a new threat protection AI model to improve spam and phishing detection.

For now, early access to E2EE emails in Gmail is only available via request.

You might also like

TOPICS
Craig Hale

With several years’ experience freelancing in tech and automotive circles, Craig’s specific interests lie in technology that is designed to better our lives, including AI and ML, productivity aids, and smart fitness. He is also passionate about cars and the decarbonisation of personal transportation. As an avid bargain-hunter, you can be sure that any deal Craig finds is top value!

You must confirm your public display name before commenting

Please logout and then login again, you will then be prompted to enter your display name.