Google has announced a new method for encrypting emails for Gmail enterprise accounts. The current email encryption method is Secure/Multipurpose Internet Mail Extensions (S/MIME), which often requires plugins or extensions for both sender and recipient to encrypt and decrypt. IT admins face difficulties in installing digital certificates for individual users, as well as user-side complexities, leading to limited email encryption dissemination.
Gmail’s new approach involves client-side encryption (CSE) where the Gmail client handles all encryption tasks. The advantage is that organization admins are relieved of any encryption obligations, except for storing encryption keys inaccessible to Google. Recipients will experience the following conditions:
– Gmail users (both personal and enterprise accounts) can instantly read encrypted emails as if using regular Gmail.
– Non-Gmail users will receive an invitation as a guest of the organization’s Google Workspace to securely access emails via a limited-feature web version of Gmail for reading and responding.
– Recipients with S/MIME settings already in place will receive S/MIME encrypted emails as usual.
Organization admins can configure all external recipients to read emails exclusively through the limited-feature Gmail version to prevent encrypted emails from being stored on external servers or devices.
Source: Google, The Verge
TLDR:
Google introduces a new encryption method for Gmail enterprise accounts, simplifying email encryption for organization admins and recipients while enhancing security.
Leave a Comment