Google has announced that E2EE (end-to-end encryption) will be added to Gmail. This allows users of Google Workspace to receive and send encrypted email within their own domains.
, as Google refers to E2EE, was for Google Drive, Google Docs and Google Sheets.
Gmail client-side encryption can be enabled once the server is set up. This will protect any confidential data in an email body or attachments from being decrypted.
Google explained that Client-side encryption (CSE) is used with Google Workspace Client before data are transmitted to Drive or stored there.
Google servers cannot access encryption keys or decrypt data. Once you have set up CSE you will be able to choose who can make client-side encrypted content, and then share that information internally or externally.
You can submit your , which must include the email address and Project ID as well as the test group domain.
Gmail E2EE beta for Education Plus and Education Standard customers is available at the moment.
According to the company, this feature isn’t yet available for users who have personal Google Accounts.
Once Google email has confirmed that your account is available, administrators can create Gmail CSEs for their users using procedure will set up the environment and prepare S/MIME certificate for each test user.
This feature will default be disabled and can be turned on at the Domain, Organizational Unit, or Group level by visiting Admin console > Security > Data control > Client-side encryption.
After enabling E2EE, click the lock icon near the recipients field to toggle it on. Then click “Turn On” below the “Additional Encryption” option.
Then, you can compose your Gmail messages and attach email attachments just like you normally would.
Google : “Google Workspace uses the most recent cryptographic standards to encrypt data in transit between facilities.”
Client-side encryption is a way to strengthen your confidentiality while also addressing a wide range of compliance and data sovereignty needs.