Google is updating Gmail to permit enterprise customers to ship encrypted messages to any inbox in only a few clicks. Google says it’s developed a brand new encryption mannequin that, in contrast to the present encryption function on Gmail, doesn’t require senders or recipients to make use of customized software program or trade encryption certificates.
The function is rolling out in beta beginning immediately, and can initially be obtainable for Google enterprise customers to ship encrypted emails to different Gmail customers throughout the identical group. Google says this can broaden to emails despatched to any Gmail inbox “within the coming weeks,” and to inboxes from any third-party electronic mail supplier “later this yr.”
Gmail’s present encryption function, based mostly on the Safe/Multipurpose Web Mail Extensions (S/MIME) protocol, can already be used to ship exterior emails. Doing so requires the recipient to have S/MIME configured and full a number of steps with the sender earlier than emails may be securely exchanged, nevertheless.
The brand new course of will enable Gmail customers to easily toggle on “further encryption” within the electronic mail draft window to ship an encrypted message. Non-Gmail recipients with out S/MIME will then be supplied a hyperlink to signal right into a visitor Google Workspace account to securely view and reply to the e-mail in a restricted model of Gmail. If the recipient already has S/MIME configured then Gmail will ship the message by way of the S/MIME course of it presently makes use of. Emails to each enterprise and private Gmail accounts shall be mechanically decrypted within the recipient’s inbox.
The encryption supplied utilizing this new system is larger than the usual Transport Layer Safety Gmail makes use of by default on all emails, however we should always observe that this isn’t technically end-to-end encryption (E2EE), even when that’s what Google is looking it. The up to date functionality is powered by client-side encryption, which provides workspace directors management over encryption keys, permitting them to revoke consumer entry and “monitor consumer’s encrypted recordsdata,” according to Google’s help page.