On Gmail’s 21st birthday, Google announced a major update that allows enterprise users to send end-to-end encryption (E2EE) to users in any email inbox with a few clicks.
The feature is rolled out in beta today, allowing users to send E2EE emails to Gmail users within their organization, and will be able to send E2EE emails to Gmail Inbox in the coming weeks and send them to their email inbox later this year.
New Encryption Model – An alternative to the Secure/Multipurpose Internet Mail Extension (S/MIME) protocol is its distinctiveness.
“This feature, which requires minimal effort for both IT teams and end users, abstracts the traditional IT complexity and substandard user experience of existing solutions, maintaining enhanced data sovereignty, privacy and security controls.”
The technology that enhances E2EE email is client-side encryption (CSE). This is already being deployed by Google to other services such as Gmail, Calendar, Drive, Docs, Slide, Sheet, and Meet.
Therefore, when an E2EE email is sent to another Gmail recipient, the message is automatically decrypted at the other end. For non-Gmail recipients (such as Microsoft Outlook), Google’s email platform will send you an invitation to view E2EE emails in a restricted version of gmail.
The fact that this is driven by CSE means that the data is encrypted to the client before it is sent or stored in Google’s cloud-based storage.
That said, one important difference between CSE and E2EE is that clients use encryption keys generated and stored in cloud-based key management services, allowing organization administrators to control the key, revoke access to the user’s key, and monitor encrypted files.
“Firstly, at the structural level, this approach offers more comprehensive cryptographic protection,” Burke and DePlain said. “It doesn’t matter who you send a message to, what email you use, what messages are encrypted and what you have as the only control. There’s only one set of keys.
“Secondly, it’s easy to implement and use. It reduces friction for both this team and users. It doesn’t have to be a cryptographic savant to do this work, so it saves the team a ton of money and ultimately gives them a path to what everyone is craving.
Source link
