Connect with us

Hi, what are you looking for?


Data Protection

Google Workspace Gets Client-Side Encryption in Gmail

Google on Friday announced the beta availability of client-side encryption in Gmail for some of its Google Workspace customers.

Google on Friday announced the beta availability of client-side encryption in Gmail for some of its Google Workspace customers.

The feature is meant to improve the confidentiality of emails when they rest on Google’s servers, by applying encryption to the email body and attachments while providing Workspace customers with control over the encryption keys and the identity service used to access the keys.

“Google Workspace already uses the latest cryptographic standards to encrypt all data at rest and in transit between our facilities. Client-side encryption helps strengthen the confidentiality of your data while helping to address a broad range of data sovereignty and compliance needs,” Google announced.

The internet giant previously enabled client-side encryption for Workspace Enterprise Plus, Education Plus, and Education Standard customers, for services such as Google Drive, Docs, Sheets, Slides, Meet, and Calendar (beta).

Client-side encryption in Gmail

Now, client-side encryption is also available for Gmail, and those interested in trying it can apply for beta access until January 20, 2023.

To get started, administrators first need to complete a few steps to prepare accounts for the beta. While off by default, the client-side encryption can then be enabled from the admin console.

Once the feature is enabled, end-users can add it to their messages by clicking on a lock icon and selecting additional encryption. Composing messages and adding attachments will work as usual, Google says.

Advertisement. Scroll to continue reading.

The internet giant has published several resources to help Google Workspace administrators set up and learn more about client-side encryption.

Business Starter, Business Standard, Business Plus, Education Fundamentals, Enterprise Essentials, Frontline, Nonprofits, Workspace Essentials, legacy G Suite Basic and Business customers, and users with personal Google accounts are not receiving client-side encryption in Gmail yet.

Related: New Identity Verification Feature Boosts Google Workspace Protections

Related: Google Workspace Now Warns Admins of Sensitive Changes

Related: Google Fights Phishing With Updated Workspace Notifications

Written By

Ionut Arghire is an international correspondent for SecurityWeek.

Click to comment

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

SecurityWeek’s Threat Detection and Incident Response Summit brings together security practitioners from around the world to share war stories on breaches, APT attacks and threat intelligence.


Securityweek’s CISO Forum will address issues and challenges that are top of mind for today’s security leaders and what the future looks like as chief defenders of the enterprise.


Expert Insights

Related Content

Application Security

Cycode, a startup that provides solutions for protecting software source code, emerged from stealth mode on Tuesday with $4.6 million in seed funding.

Data Protection

The cryptopocalypse is the point at which quantum computing becomes powerful enough to use Shor’s algorithm to crack PKI encryption.

Artificial Intelligence

The CRYSTALS-Kyber public-key encryption and key encapsulation mechanism recommended by NIST for post-quantum cryptography has been broken using AI combined with side channel attacks.


The three primary drivers for cyber regulations are voter privacy, the economy, and national security – with the complication that the first is often...

Cloud Security

Microsoft and Proofpoint are warning organizations that use cloud services about a recent consent phishing attack that abused Microsoft’s ‘verified publisher’ status.

Application Security

Fortinet on Monday issued an emergency patch to cover a severe vulnerability in its FortiOS SSL-VPN product, warning that hackers have already exploited the...

Cybersecurity Funding

Los Gatos, Calif-based data protection and privacy firm Titaniam has raised $6 million seed funding from Refinery Ventures, with participation from Fusion Fund, Shasta...

Application Security

Many developers and security people admit to having experienced a breach effected through compromised API credentials.