Google Makes End-to-End Encryption in Gmail Available to Everyone

Google offers all business users the ability to encrypt email traffic, both within and outside the organization. The feature is becoming available gradually.

It wasn’t an April Fool’s joke: Google announced in a blog post that end-to-end encryption (E2EE) is becoming available to everyone in Gmail. Organizations can now easily send end-to-end encrypted emails to any inbox, both to Gmail addresses and external mail clients. The feature is becoming available in stages, starting with emails within the same organization.

In theory, end-to-end encryption was already available in Gmail, but it required a complex configuration. Traditional encryption solutions like S/MIME, used by Microsoft, come with certificate management, manual configuration, and collaboration between sender and receiver. With the new approach in Gmail, that complexity disappears and it can be set up with just a few mouse clicks, Google promises.

Client-side encryption

The new encryption functionality uses client-side encryption (CSE). This encrypts emails locally, even before they are sent or stored in the cloud. The encryption keys remain under the control of the organization and are not managed by Google. This supports compliance with data protection regulations, such as data sovereignty, HIPAA, and export restrictions.

Encrypted emails can be sent to other Gmail accounts, but it’s also available for mail traffic between Gmail and other mail servers. The display of the emails is slightly different depending on whether the email stays within Gmail or not. When the recipient is another Gmail user, the encrypted email automatically becomes readable in the familiar Gmail environment.

For external recipients without a Gmail account, Google provides ‘guest access’ to a limited Gmail version, allowing the email to be viewed and replied to securely. Organizations can also choose to set encryption as the default for all external mail traffic. This maintains control over company data, regardless of where the email is opened.

More security for Gmail

Google is rolling out end-to-end encryption gradually. Currently, the feature is only available for email traffic within the organization. Support for all Gmail addresses will follow in the coming weeks, and later this year for all external email clients as well.

In addition to introducing E2EE, Google is making other security features generally available in Gmail. For example, IT administrators can set encryption as the default for outgoing emails and automatically set and apply classification labels to incoming mail traffic. Signing in with 2FA now happens via a QR code. Of course, there must also be a touch of AI in the announcement: Google uses AI to keep spam and phishing out of your mailbox.