Google has taken a major step toward improving privacy and security for Workspace users, rolling out client-side encryption (CSE).
CSE is an integral part of a complete security approach since it ensures that only the owner can decrypt and view their own data. Google already deployed CSE for Drive, Docs, Slides, Sheets, and Meet last year, but is now finishing the rollout by bringing it to Gmail and Calendar.
Writing in a blog post, Google Workspace Director of Product Management Andy Wen and Product Manager Ganesh Chilakapati, outline how CSE compliments the privacy and security features already present in Workspace:
Workspace already encrypts data at rest and in transit by using secure-by-design cryptographic libraries. Client-side encryption takes this encryption capability to the next level by ensuring that customers have sole control over their encryption keys — and thus complete control over all access to their data. Starting today, users can send and receive emails or create meeting events with internal colleagues and external parties, knowing that their sensitive data (including inline images and attachments) has been encrypted before it reaches Google servers.
Remaining compliant with various regulations is a key benefit of CSE:
Users can continue to collaborate across other essential apps in Google Workspace while IT and security teams can ensure that sensitive data stays compliant with regulations. As customers retain control over the encryption keys and the identity management service to access those keys, sensitive data is indecipherable to Google and other external entities.
The rollout of CSE could help Google make significant headway, especially in those markets that require heightened security:
“We have been searching for the capability to guarantee that our encrypted communications remain inaccessible to third-parties, including our technology providers, for some time. Google appears to be uniquely positioned with client-side encryption in providing us with complete control over our sensitive data, ensuring that we remain compliant as an organization in the ever changing world of data regulation. These features now being available across Google Workspace represent a pivotal moment for us. We’re enthusiastic about the ability to continue to benefit from the efficiency in working that Workspace provides us with, whilst at the same time maintaining trust with our customers that their confidential data will stay private and compliant,” said Shaun Bookham, UK Operations & Technology Director at PwC.