Google introduces end-to-end encryption for Gmail on the web for Businesses

enaph

enaph

Level 28
Thread author
Verified
Honorary Member
Top Poster
Well-known
Jun 14, 2011
1,790
Content source
https://www.bleepingcomputer.com/news/security/google-introduces-end-to-end-encryption-for-gmail-on-the-web/
Google announced on Friday that it's adding end-to-end encryption (E2EE) to Gmail on the web, allowing enrolled Google Workspace users to send and receive encrypted emails within and outside their domain.

Client-side encryption (as Google calls E2EE) was already available for users of Google Drive, Google Docs, Sheets, Slides, Google Meet, and Google Calendar (beta).

Once enabled, Gmail client-side encryption will ensure that any sensitive data delivered as part of the email's body and attachments (including inline images) can not be decrypted by Google servers — the email header (including subject, timestamps, and recipients lists) will not be encrypted.
Click to expand...
www.bleepingcomputer.com

Google introduces end-to-end encryption for Gmail on the web

Google announced on Friday that it's adding end-to-end encryption to Gmail on the web, allowing enrolled Google Workspace users to send and receive encrypted emails within their domain and outside their domain.
www.bleepingcomputer.com www.bleepingcomputer.com
 
Last edited by a moderator:
  • Like
Reactions: silversurfer, simmerskool, brambedkar59 and 4 others
Z

Zero Knowledge

Level 20
Verified
Top Poster
Content Creator
Dec 2, 2016
841
More and more we are seeing companies move to E2EE. The less data you hold the better, it's a liability holding vast troves of data. It doesn't stop people complaining about 'going dark', but that argument is wrong as there are plenty of other ways to collect data and track users.
 
  • Like
Reactions: enaph and simmerskool
upnorth

upnorth

Moderator
Verified
Staff Member
Malware Hunter
Well-known
Jul 27, 2015
5,459
On Tuesday, Google made client-side encryption available to a limited set of Gmail and Calendar users in a move designed to give them more control over who sees sensitive communications and schedules.

Client-side encryption is a generic term for any sort of encryption that’s applied to data before it’s sent from a user device to a server. With server-side encryption, by contrast, the client device sends the data to a central server, which then uses keys in its possession to encrypt it while it’s stored. This is what Google does today. (To be clear, the data is sent encrypted through HTTPS, but it's decrypted as soon as Google receives it.) Google’s client-side encryption occupies a middle ground between the two. Data is encrypted on the client device before being sent (by HTTPS) to Google. The data can only be decrypted on an endpoint machine with the same key used by the sender. This provides an incremental benefit since the data will remain unreadable to any malicious Google insiders or hackers who manage to compromise Google servers.

Abbreviated as CSE, client-side encryption was already available for Google Drive, Docs, Slides, Sheets, and Meet for users of Google Workspace, which the company sells to businesses. Starting on Tuesday, Google is rolling it out to customers of Gmail and Calendar Workspace.
Click to expand...
arstechnica.com

Google adds client-side encryption to Gmail and Calendar. Should you care?

New service occupies a middle ground between E2EE and mere server-side encryption
arstechnica.com arstechnica.com
 
  • Applause
  • Like
  • +Reputation
Reactions: vtqhtr413, silversurfer and harlan4096
You must log in or register to reply here.

Similar threads

Ink
    • Like
New Update FlowCrypt - PGP Encryption for Gmail
Replies
1
Views
351
Web Extensions
Bot
Bot
CyberTech
    • Like
    • Applause
New Update Gmail's client-side encryption is now available on Android and iOS
Replies
0
Views
429
Office, email and business apps
CyberTech
CyberTech
Gandalf_The_Grey
    • Applause
    • Like
    • +Reputation
Security News European Court of Human Rights bans weakening of secure end-to-end encryption
Replies
1
Views
1,173
Security News
MuzzMelbourne
MuzzMelbourne

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

Quick Navigation

Forum Rules Warning System Welcome Guide Two-factor Authentication

User Menu

Login

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top