Google he said on Friday that the new operation Client-side Encryption σαν Beta για την web version of the Gmail service. During the Beta version, the access in operation will be limited to select customers of the Enterprise and Education packages.
Client-side Encryption will protect email messages, the message body and attachments, from being accessed by unauthorized parties. Emails protected with client-side encryption are stored "unencrypted on Google's servers" and third parties that "listen" to network traffic. Gmail, by default, uses TLS encryption.
Customers can set their own encryption keys according to Google to encrypt data. Function security it is already available for selected Google services, such as Google Drive, Google Meet and Google Calendar (also in Beta version).
The data will be encrypted in the local browser before it is transferred or stored by Google in the cloud. Google servers do not have access to the data, as the encryption key will only be available on the user system.
The email header, including the email subject and recipients, will not be encrypted by the feature.
Client-side encryption is currently only available to Google Workspace Enterprise Plus, Education Plus, and Education Standard customers. Those customers can apply for the beta until January 20, 2023, according to Google. The feature will not be available in all other Google Workspace plans, legacy Google Suite customers, and personal Google Accounts.
The security feature is disabled by default and should be enabled at the “domain, OU, and Group levels” using the admin console. It is located under Security > Access and data control > Client-side encryption or Security > Access and data control > Client-side encryption.
End users should enable the lock icon when composing a message to enable the encryption feature. The GIF below shows the functionality.
Emails that are encrypted will show "encrypted message" under the sender's name in Gmail. Opening the email may ask the user to log in with verification identity. Once completed, the email content will be decrypted.
Google published a support document which provides more details on implementing client-side encryption for Google Workspace administrators.