All Gmail business users can now easily apply end-to-end encryption on their emails. Before today, this was a luxury reserved for large companies with significant IT resources, but Google recognizes that E -Mail attacks are increasing everywhere.
As of today, Gmail users can send encrypted emails to others in their organization; In the coming weeks, they will also be able to send encrypted E emails to Gmail -In -Bakker outside their organization, with support for all E -mail inboxes expected later in the year. To obtain early access to E2EEE emails in Gmail, fill in Google’s application before general accessibility.
How users and it can use E2EE in gmail
Emails sent with Gmail’s end-to-end encryption are extremely secure because only the sender has control over the encryption key stored outside Google’s infrastructure. Users can click the padlock at the BCC button and press Turn on under the additional encryption setting to apply it.
The security function can be used for e emails sent to anyone, whether within the user’s organization or even using Gmail. If the recipient uses Gmail, the e -mail is automatically decrypt in their inbox; If they do not, they will be sent an invitation to open it in a limited version of Gmail, which requires them to log in to a guest Google Workspace account.
IT teams can request that all external recipients, whether using Gmail, open encrypted E emails in the limited version of Gmail. This can be preferred at Hyper Security -conscious companies as it ensures that communication does not end up being stored on third -party servers and units. IT teams can also retroactively use security policies or revoke access to E emails, in this case.
If the recipient has secure/multipurpose Internet Mail Extensions (S/MIME) Configured-The Traditional, Resource Intensive Protocol for Sending Encrypted Messages, such as Gmail’s new feature replaces the email using it as normal.
SEE: Gmail vs Google Workspace: Key differences for users and businesses
Gmail’s E2EE does not require extensive IT resources
Google can provide end-to-end encryption without requiring companies to have extensive IT resources thanks to its sky storage. The e -mail is encrypted on the sender’s device before it is stored in Google’s cloud, eliminating the need for a technical team to acquire and manage certificates. This process makes the message indescribable to Google and other third parties, ensuring that data protection provisions such as HIPAA are met.
In addition, Google rolls out a number of other security features:
- An end-to-end encryption default mode for teams that handle sensitive data.
- Classification labels to help users recognize message sensitivity.
- Data Prevention Prevention Tools that enable Automatically Use of Rules to Manage and Block Messages Based on their Labels.
And a new threat protection AI model has been introduced to improve Gmail’s defense using AI to detect spam and phishing trials before reaching users.
How Gmail’s end-to-end encryption democratizes high-security emails
End-to-end encryption is typically only available to regulated companies with large IT budgets. S/MIME requires technical staff to acquire and manage digital certificates – cryptographic keys used to authenticate the sender and encrypt the e -mail – who eat away at their time. Certificates must also be exchanged before the encrypted messages and create trouble for both the sender and the recipient.
In addition, this approach only works if both the sender and the recipient have implemented S/MIME, which is only possible if E emails are sent to a small, predefined group of people guaranteed to have it created.
There are other options than S/MIME to send encrypted E emails, but they come with their own problems. Encryption features offered via E email providers require encryption keys that are shared, creating a security risk. Proprietary point solutions often require the recipient to download a third-party app or extension that causes inconvenience and their IT team may not allow it.
With Gmail’s end-to-end encryption, only the sender has the encryption keys, no specialized IT staff are required and there is no need to exchange certificates or use custom software.