Google Updates Gmail with Encrypted Email Support for Enterprise Users

Through Gmail, Google is making it simple for its business users to send end-to-end encrypted communications. The business announced that Gmail enterprise users would receive an enhanced end-to-end encryption mechanism to safeguard sensitive data within their email client. The internet giant from Mountain View announced on Wednesday that it has advanced the Secure/Multipurpose Internet Mail Extensions (S/MIME) protocol’s implementation in a more user-friendly manner, enabling users to send encrypted emails to other users on Gmail and other email clients. According to the firm, this will make it simple for companies with small IT departments to send encrypted emails. The business further says that the change will allow corporate users to send encrypted emails to recipients who are not Gmail users, but can use any email provider.

The modification applauds the encryption process’s simplicity by doing away with the requirement for certificate exchanges.

Google Workspace Senior Product Manager Johney Burke and Product Manager Julien Duplant wrote a blog post outlining the advantages of the new system. They highlighted that S/MIME requires certificates to be distributed and exchanged amongst all users prior to delivering encrypted communications.

The Google executives also pointed out that because S/MIME is expensive and complicated, few businesses really utilize it.

Google also explained in the new privacy feature for its email client in a blog post. It will allow eligible users to send end-to-end encrypted (E2EE) emails to any user on any email inbox in a few simple steps. Interestingly, this isn’t just being done from Gmail’s end; the emails are secured with user/customer-controlled encryption keys that Google servers won’t have access to in order to maintain security and privacy. Regardless of the destination client’s preferred email platform.

According to the internet giant, Google will be primarily responsible for adding this new functionality, which will need little work from end users or IT teams. Currently, the encryption functionality is being gradually introduced in beta. Enterprise users will be limited to sending encrypted emails to Gmail users within their own company at launch. The business will, however, expand it in the upcoming weeks to enable end-to-end encrypted email delivery to all email clients.

If the recipient is a Gmail user, the client will automatically decrypt the email in the inbox without the user having to do anything else; if not, Google will invite the recipient to use a guest Google Workspace account, allowing them to view the email in a restricted environment.

For businesses that use S/MIME, Gmail will send an encrypted email using this method for a more seamless experience; for non-Gmail users, a link to view the message via a restricted version of Gmail will be sent; and if the recipient is using Gmail (either as a personal customer or as an enterprise), the email will automatically decrypt in the inbox.

Burke and Duplant went on to say, “IT teams can also mandate that all external recipients use the restricted version of Gmail, even if they are Gmail users.” “This makes it less likely that the data of their company will wind up on servers and devices owned by third parties.”

In addition to the new encryption technique, Google has also introduced a new threat protection AI model to enhance spam and phishing detection, classification labels for simple email identification, a client-side encryption default mode so that IT teams can enforce encryption for sensitive teams, and data loss prevention (DLP).

According to Google, Gmail will soon include a number of other security capabilities in addition to E2EE email protection. These include the data loss prevention (DLP) tool, which enables users to automatically apply labels to emails and take action based on the selected label, the CSE default mode, which enables IT administrators to set E2EE messages as the default setting, and the classification labels, which aid users in understanding email sensitivity.

Early access to E2EE emails in Gmail is now only granted upon request.