Client-side encryption (CSE) is now broadly accessible for Gmail, following it was made available in Drive, Docs, Slides, Sheets, and Meet last year, and in Calendar earlier this month. The firm launched a CSE beta for Gmail and Calendar late last year, but the service is now available to all enterprises with a Google Workspace Enterprise Plus, Education Plus, or Education Standard subscription. The feature is not currently accessible for personal Workspace plans or Google accounts.
Despite the fact that Workspace “encrypts data at rest and in transit using secure-by-design cryptographic libraries,” CSE provides businesses with complete control to their encryption keys. “Starting today, users may send and receive emails or schedule meetings with internal colleagues and other parties, knowing that their sensitive data (including inline photos and attachments) has been encrypted before reaching Google servers,” Google noted in a blog post.
Workspace administrators will need to activate CSE, which is disabled by default. After your business has enabled CSE, you can add it to any message in Gmail by clicking the lock symbol to the right of the “To” box and selecting the “Additional encryption” option. The compose panel will become blue, with the words “New encrypted message” shown. Meanwhile, in Calendar, you may add “extra encryption” to the description, attachments, and Google Meet call by clicking the shield symbol next to the event title.
Encrypting Drive files and Calendar events is a good addition, but CSE safeguards may be most effective in Gmail. After all, organisations are more likely to send emails to third parties than to exchange files or calendar invitations. In any event, Google claims that CSE now covers all key Workspace applications.
