Google is updating Gmail to permit enterprise customers to ship encrypted messages to any inbox in only a few clicks. Google says it’s developed a brand new encryption mannequin that, in contrast to the present encryption function on Gmail, doesn’t require senders or recipients to make use of customized software program or alternate encryption certificates.
The function is rolling out in beta beginning immediately, and can initially be obtainable for Google enterprise customers to ship encrypted emails to different Gmail customers throughout the similar group. Google says this can develop to emails despatched to any Gmail inbox “within the coming weeks,” and to inboxes from any third-party e mail supplier “later this 12 months.”
Gmail’s present encryption function, based mostly on the Safe/Multipurpose Web Mail Extensions (S/MIME) protocol, can already be used to ship exterior emails. Doing so requires the recipient to have S/MIME configured and full a number of steps with the sender earlier than emails will be securely exchanged, nonetheless.
The brand new course of will enable Gmail customers to easily toggle on “further encryption” within the e mail draft window to ship an encrypted message. Non-Gmail recipients with out S/MIME will then be offered a hyperlink to signal right into a visitor Google Workspace account to securely view and reply to the e-mail in a restricted model of Gmail. If the recipient already has S/MIME configured then Gmail will ship the message by way of the S/MIME course of it presently makes use of. Emails to each enterprise and private Gmail accounts can be robotically decrypted within the recipient’s inbox.
The encryption offered utilizing this new system is increased than the usual Transport Layer Safety Gmail makes use of by default on all emails, however we must always observe that this isn’t technically end-to-end encryption (E2EE), even when that’s what Google is looking it. The up to date functionality is powered by client-side encryption, which supplies workspace directors management over encryption keys, permitting them to revoke consumer entry and “monitor consumer’s encrypted information,” in keeping with Google’s assist web page.