Virtual Event Today: Cloud & Data Security Summit - Join Event In-Progress
Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Email Security

Google Boosts Security of Gmail Infrastructure

All Gmail Messages Now Encrypted While Moving Internally

All Gmail Messages Now Encrypted While Moving Internally

Google announced on Thursday that its Gmail service would use added encryption to protect against eavesdropping and keep messages secure.

“Starting today, Gmail will always use an encrypted HTTPS connection when you check or send email,” Gmail security engineering lead, Nicolas Lidzborski, wrote in a blog post.

“Today’s change means that no one can listen in on your messages as they go back and forth between you and Gmail’s servers – no matter if you’re using public WiFi or logging in from your computer, phone or tablet,” he added.

The new security protection for Google’s popular email service is the latest move as Internet and technology firms scramble to boost their security efforts and up encryption after Edward Snowden began to leak classified details on the scope of US government spying.

Lidzborski said that 100 percent of email messages that Gmail users send or receive are encrypted while moving internally.

“This ensures that your messages are safe not only when they move between you and Gmail’s servers, but also as they move between Google’s data centers—something we made a top priority after last summer’s revelations,” Lidzborski said.

Advertisement. Scroll to continue reading.

Joseph Hall, chief technologist at the Center for Democracy and Technology, told AFP that Google’s encryption “would make it very difficult” for the NSA or others to tap into email traffic directly.

“I’m reluctant to say anything is NSA-proof,” Hall told AFP. “But I think what Google is trying to do is make sure they come through the front door and not the back door.” He warned that the encryption would be only for “transport” and that data may still be unencrypted while sitting on a user’s browser or stored in certain data centers. Hall added that Google’s encryption is positive because it is “part of a general trend of strengthening the core Internet structure.”

In December 2013, a group of US-based Internet giants called on Washington to overhaul its surveillance laws. In an open letter to President Obama and Congress, the tech giants called on Washington to lead the way in a worldwide reform of state-sponsored spying.

In January, President Barack Obama announced plans to curtail the reach of massive phone surveillance sweeps by the NSA, but said bulk data collection must go on to protect America from terrorists.

In December, Microsoft said it would “pursue a comprehensive engineering effort to strengthen the encryption of customer data” in order to protect its customers from prying eyes and increase transparency.

In a recent letter to customers, IBM executive Robert Weber emphasized the need for Governments to take action in order to restore trust.

“Data is the next great natural resource, with the potential to improve lives and transform institutions for the better,” Weber said. “However, establishing and maintaining the public’s trust in new technologies is essential.”

Written By

For more than 15 years, Mike Lennon has been closely monitoring the threat landscape and analyzing trends in the National Security and enterprise cybersecurity space. In his role at SecurityWeek, he oversees the editorial direction of the publication and is founder and director of several leading cybersecurity industry conferences around the world.

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing for the latest cybersecurity threats, trends, and expert insights.

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join this live webinar as we break down why email-layer defenses alone can't keep pace with the modern phishing ecosystem, how agentic AI is changing the capacity equation for security teams, and more.

Register

This year's summit will help organizations learn how to utilize tools, controls, and design models needed to properly secure cloud environments. Interact with leading solution providers and other end users facing similar challenges in securing a variety of cloud deployments.

Register

People on the Move

Jazz has named Sean Robinson, Rickie Goyal, Danielle Guetta, Shani Nago, and Lior Magram as VPs and Michael Calev as COO.

AJ Shipley has been appointed Chief Product Officer at CrowdStrike.

Brinqa has named Ron Dovich as Chief AI and Automation Officer, David Allen as CTO, Steve Biagioni as CFO, and James Walta as VP of Product.

More People On The Move

Expert Insights

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest cybersecurity news, threats, and expert insights. Unsubscribe at any time.