Skip to content

Gmail’s end-to-end encryption rolls out for Workspace and Education accounts

  • by
  • 2 min read

Google has announced end-to-end encryption for Gmail on the web, available in beta for Google Workspace Enterprise Plus, Education Plus and Education standard customers. Users can sign up for the beta program until January 20, 2023. 

The company claims it can’t access users’ encryption keys and that they have full control over encryption keys and the identity service required to access said keys.

The feature is currently called Additional encryption and can be enabled on supported accounts by clicking the lock icon in the recipient field and selecting the appropriate option. 

Gmail's E2E encryption for Workspace and Education plans is live
The feature has to be enabled before sending an email. | Source: Google

This isn’t the first Google service to get end-to-end encryption either. Google Drive, Docs, Sheets, Slides, Meet and Calendar, although Calender is in beta now. 

However, getting the feature isn’t as simple as just applying for the beta program. It does require workspace users to set up their email environments by creating a new GCP project in the Google Cloud Console with the Gmail API enabled.

This new service account will need to be granted domain-wide access. Users will also need to generate S/MIME certifications for each user in the group who will test the new service, including both senders and receivers. You can find more information about the setup procedure in Google’s support article

Once you’re done setting up, you can fill out the Google Form application to apply for end-to-end encryption, including your email, project ID and test group domain. 

The encryption covers only the email body and attachments, including inline images. The email header isn’t encrypted, including the subject, timestamps and recipients lists.

While this may not be a complete solution, pushing end-to-end encryption on Workspace will help it stand against competitors like Proton, which offers full end-to-end encryption. 

In the News: Instagram introduces DM warnings to recover hacked accounts

Yadullah Abidi

Yadullah Abidi

Yadullah is a Computer Science graduate who writes/edits/shoots/codes all things cybersecurity, gaming, and tech hardware. When he's not, he streams himself racing virtual cars. He's been writing and reporting on tech and cybersecurity with websites like Candid.Technology and MakeUseOf since 2018. You can contact him here: yadullahabidi@pm.me.

>