Security Experts:

Connect with us

Hi, what are you looking for?


Data Protection

Google Workspace Gets Client-Side Encryption in Gmail

Google on Friday announced the beta availability of client-side encryption in Gmail for some of its Google Workspace customers.

Google on Friday announced the beta availability of client-side encryption in Gmail for some of its Google Workspace customers.

The feature is meant to improve the confidentiality of emails when they rest on Google’s servers, by applying encryption to the email body and attachments while providing Workspace customers with control over the encryption keys and the identity service used to access the keys.

“Google Workspace already uses the latest cryptographic standards to encrypt all data at rest and in transit between our facilities. Client-side encryption helps strengthen the confidentiality of your data while helping to address a broad range of data sovereignty and compliance needs,” Google announced.

The internet giant previously enabled client-side encryption for Workspace Enterprise Plus, Education Plus, and Education Standard customers, for services such as Google Drive, Docs, Sheets, Slides, Meet, and Calendar (beta).

Client-side encryption in Gmail

Now, client-side encryption is also available for Gmail, and those interested in trying it can apply for beta access until January 20, 2023.

To get started, administrators first need to complete a few steps to prepare accounts for the beta. While off by default, the client-side encryption can then be enabled from the admin console.

Once the feature is enabled, end-users can add it to their messages by clicking on a lock icon and selecting additional encryption. Composing messages and adding attachments will work as usual, Google says.

The internet giant has published several resources to help Google Workspace administrators set up and learn more about client-side encryption.

Business Starter, Business Standard, Business Plus, Education Fundamentals, Enterprise Essentials, Frontline, Nonprofits, Workspace Essentials, legacy G Suite Basic and Business customers, and users with personal Google accounts are not receiving client-side encryption in Gmail yet.

Related: New Identity Verification Feature Boosts Google Workspace Protections

Related: Google Workspace Now Warns Admins of Sensitive Changes

Related: Google Fights Phishing With Updated Workspace Notifications

Written By

Ionut Arghire is an international correspondent for SecurityWeek.

Click to comment

Expert Insights

Related Content

Application Security

Cycode, a startup that provides solutions for protecting software source code, emerged from stealth mode on Tuesday with $4.6 million in seed funding.

Email Security

Microsoft is urging customers to install the latest Exchange Server updates and harden their environments to prevent malicious attacks.

Application Security

Many developers and security people admit to having experienced a breach effected through compromised API credentials.

Application Security

Electric car maker Tesla is using the annual Pwn2Own hacker contest to incentivize security researchers to showcase complex exploit chains that can lead to...

Cloud Security

Microsoft and Proofpoint are warning organizations that use cloud services about a recent consent phishing attack that abused Microsoft’s ‘verified publisher’ status.

Cybersecurity Funding

UK-based email security and brand protection solutions provider Red Sift on Thursday announced raising $54 million in a Series B funding round that brings...


A database containing over 235 million unique records of Twitter users is now available for free on the web, cybercrime intelligence firm Hudson Rock...

Cybersecurity Funding

Los Gatos, Calif-based data protection and privacy firm Titaniam has raised $6 million seed funding from Refinery Ventures, with participation from Fusion Fund, Shasta...