Gmail App Icon 3D Symbol Shape Spotlighted on Black Background with Copy Space 3D Illustration
Image: MR/Adobe Stock

Google is trying to help enterprise and educational users of Gmail better secure their messages. On Friday, the search giant announced a new beta release of Gmail client-side encryption for organizations that subscribe to Google Workspace Enterprise Plus, Education Plus or Education Standard. Recently launched, the new beta will be available for signup until Jan. 20, 2023.

Jump to:

What’s included in the beta?

With the new option, your users can send and receive encrypted emails both inside and outside your domain. The encryption secures the body of the email and any attachments, including inline images, but does not secure the email header, subject, timestamp, or recipient lists.

Adding to the encryption already used by Google Drive, Google Meet, Google Docs, Google Sheets and Google Slides, the new Gmail encryption is designed to keep data private and confidential while at the same time meeting regulatory and compliance requirements for security.

SEE: Mobile device security policy (TechRepublic Premium)

Organizations will be able to use their own encryption keys to secure their Gmail messages in addition to adopting the default encryption offered by Google. Designed for Gmail on the web, the client-side encryption ensures that any data is encrypted before it’s sent to or stored in Google’s cloud-based storage. This means that Google’s servers will be unable to decrypt the information or access your encryption keys.

How to access the new client-side encryption

For organizations that sign up for and set up the beta, the new client-side encryption will be off by default. IT administrators can enable it at the domain, organizational unit and Group levels by logging into the admin console, selecting Security, choosing Access and data control, and then enabling Client-side encryption. End users who want to add the encryption to a Gmail message can click the lock icon and select the option for additional encryption.

How do I sign up my organization?

For now, the beta of the client-side encryption will only be available for Gmail on the web. Google promises that the option will reach the Gmail mobile app for both Android and iOS in an upcoming release.

Administrators who want to sign up and use the beta should review the steps and requirements at the appropriate Google help page.

After preparing their accounts and environments, admins need to fill out and submit the Gmail CSE Beta Test Application form with contact details as well as a test domain name for trying the beta. You’ll then have to enable and set up the option for a chosen group of test users who can try out specific features.

Interested admins should also read Google’s About client-side encryption help page for more details on the overall technology.