Google has started rolling out a new end-to-end encryption (E2EE) model for Gmail enterprise users, making it easier to send encrypted emails to any recipient.
While businesses also have the option to configure the Secure/Multipurpose Internet Mail Extensions (S/MIME) protocol to send digitally signed and encrypted messages, this requires significant resources, including deploying certificates to all users and exchanging them before sending the emails.
Google says that after Gmail’s new E2EE model rolls out, business users will be able to send fully encrypted emails to any user on any email service or platform without having to worry about complex certificate requirements.
“This capability, requiring minimal efforts for both IT teams and end users, abstracts away the traditional IT complexity and substandard user experiences of existing solutions, while preserving enhanced data sovereignty, privacy, and security controls,” Google said today.
“We’re rolling this out in a phased approach, starting today, in beta, with the ability to send E2EE emails to Gmail users in your own organization. In the coming weeks, users will be able to send E2EE emails to any Gmail inbox, and, later this year, to any email inbox.”
To send a new encrypted email, Gmail users only have to turn on the “Additional encription” option when writing the message. The email will be automatically decrypted when the recipient is a Gmail user with an enterprise or personal account.
Recipients using Google’s Gmail mobile app or non-Gmail email clients will receive a link to sign in and view the email in a restricted version of Gmail. The recipient can then use a guest Google Workspace account to view and reply to the encrypted message.
However, when the recipient has S/MIME configured on their account, Gmail will automatically send an E2EE email via S/MIME (just as it does today).
Gmail’s new E2EE capability is powered by the client-side encryption (CSE) Workspace technical control that enables organizations to use encryption keys stored outside Google’s servers and under their control to protect sensitive emails and documents,
This ensures that all transmitted data is encrypted on the client before being sent to Google’s cloud-based storage, which helps meet regulatory requirements, such as data sovereignty, HIPAA, and export controls, by rendering it indecipherable to Google and third-party entities.
Gmail CSE has been available for Google Workspace Enterprise Plus, Education Plus, and Education Standard customers since February 2023, and was introduced in Gmail on the web as a beta test in December 2022 after an initial rollout to Google Drive, Google Docs, Sheets, Slides, Google Meet, and Google Calendar (in beta).
Based on an analysis of 14M malicious actions, discover the top 10 MITRE ATT&CK techniques behind 93% of attacks and how to defend against them.
Source link
-
-
-
-
-
-
-
-
