Google’s New Client-Side Encryption Adds Even More Security

Eligible admins can start using the beta version of Google's latest client-side encryption feature now with a few steps.

Your data is safer than ever: Google has added another security feature to its Workspace and education suites.

The tech giant is rolling out client-side encryption — Workspace Enterprise Plus, Education Plus, and Education Standard customers can all apply now for the beta version of the function.

Google has limited the new security feature to web browser use for now, but given how many companies operate remotely and from the cloud, that's a big boon for workforce security for everyone using Google's professional services.

What Is Client-Side Encryption?

Client-side encryption stands apart from the server-side variety, offering even more protection: Server-side encryption requires that the server remain trusted in order to stay secure, but any data that has already been encrypted on the client's side will always remain secure, even if bad actors attempt to access it from the server.

No one anticipates the server being breached, sure, but it never hurts to have another layer of security in case it ever is.

Technically, this isn't end-to-end encryption, as many tech sites have reported: End-to-end encryption refers to a communication process, with both the sender and receiver using a software key to encrypt a message before sending it and decrypt it after receiving it. Client-side encryption just allows the client to safely store data without allowing access from a server or service provider. Google explains it all in the blog post announcement:

“Using client-side encryption in Gmail ensures sensitive data in the email body and attachments are indecipherable to Google servers. Customers retain control over encryption keys and the identity service to access those keys.”

How to Get Started

Admins can start using the beta version of the security now with a few steps. First, you'll need to have an eligiable Workspace plan. Then, you'll have to find the feature and turn it on. The process will look like this:

Admin console > Security > Access and data control > Client-side encryption

Once the switch is flipped, all end users can add client-side encryption to any message by clicking the lock icon and selecting “additional encryption.”

This new tool isn't a huge leap from how Google ensures data is kept safe: The tech conglomerate already makes the functionality available for many popular services including Google Drive, Google Docs, Sheets, and Slides, Google Meet, and Google Calendar (in beta).

Staying Safe Online

From endless new Google Meet security updates to its pioneering focus on ensuring open source software stays bug-free, Google is keeping its eye on the cybersecurity ball.

If you're looking for a web conferencing service for your business, we'd rate Google Meet's services fairly highly, although there are plenty of other options as well.

And if protecting private data is a top concern, you'll be happy to know that new client-side encryption is just the tip of the iceberg for the service's security tools.

Written by:

Adam is a writer at Tech.co and has worked as a tech writer, blogger and copy editor for more than a decade. He was a Forbes Contributor on the publishing industry, for which he was named a Digital Book World 2018 award finalist. His work has appeared in publications including Popular Mechanics and IDG Connect, and he has an art history book on 1970s sci-fi out from Abrams Books in 2023. In the meantime, he's hunting down the latest news on VPNs, POS systems, and the future of tech.