Google has announced that Gmail’s client-side encryption mode is now generally available for businesses and educational organizations, after it launched in beta last year. The feature makes it so even Google itself can’t see the contents of the emails it’s hosting, with data being “encrypted before it reaches Google servers.” The company says this can be helpful for companies that have to meet strict compliance or privacy standards.
In a blog post on Tuesday, Google writes that client-side encryption for Gmail gives customers “sole control over their encryption keys — and thus complete control over all access to their data.” Users can encrypt emails they’re sending within their organization, as well as emails they’re sending to other parties, even if the recipient doesn’t use Gmail.
Reports about the company working to strengthen the encryption for its email service go back to at least 2014, so it’s good to see that client-side encryption is finally here. However, the feature isn’t intended for everyone — it’s only available to people with Workspace Enterprise Plus, Education Standard, or Education Plus accounts, not personal ones. It’s also not particularly easy to set up, as the process seems geared toward IT departments.
While Gmail is arguably one of the most important applications for client-side encryption, Google has also rolled out the option to use the feature for several of its other Workspace apps, such as Drive, Docs, and Meet. Earlier this month, it also announced that client-side encryption was generally available for Google Calendar, letting companies add additional protection for an event’s description and attachments.