Google has expanded end-to-end encryption for Gmail to Android and iPhone devices through the official Gmail app. This feature was earlier rolled out to desktop users within Workspace, and now it’s available on mobile devices with the same approach.
Currently, access is limited to organizations that use Google Workspace Enterprise Plus with either the Assured Controls or Assured Controls Plus add-on. Administrators need to enable client-side encryption on Android and iOS devices before users can start using the feature.
How Gmail’s Mobile End-to-End Encryption Works
When both sender and recipient use the Gmail app with end-to-end encryption enabled, encrypted messages appear as regular email threads. Users can tap the lock icon within the compose window and select "additional encryption" to send an encrypted message.
Recipients who do not use the Gmail client are directed to a secure web page to read and reply to the message. Attachments are also protected by encryption. Administrators are responsible for enabling client-side encryption at the organization level. Individual users do not need to obtain, configure, or exchange security certificates.
How This Differs From S/MIME
Traditional enterprise email encryption has typically depended on S/MIME, which requires issuing certificates to each user and exchanging them before encrypted messages can be sent. Google's approach eliminates this need for Gmail-to-Gmail communication, easing the setup process for both users and IT teams.
However, this process isn't fully seamless for all recipients. Those outside the Gmail app still need to use a browser to access encrypted messages. For Gmail users, the only step once the feature is enabled by the administrator is to toggle the encryption option on or off.
Compliance and Data Protection Context
End-to-end encryption in Gmail is particularly relevant for organizations subject to data protection rules such as GDPR, which outlines how sensitive information should be handled and transmitted. Some regions also have data sovereignty laws that restrict where certain data can be stored or sent. Using E2EE helps reduce the risk of data being intercepted during transmission, which can impact compliance with these regulations.
Google has not provided a timeline for expanding Gmail E2EE access beyond Google Workspace Enterprise Plus or for making it available to individual Google accounts.
Thank you for being a Ghacks reader. The post Gmail Adds End-to-End Encryption for Android and iPhone Users in Google Workspace appeared first on gHacks.
☞ El artículo completo original de Arthur Kay lo puedes ver aquí
No hay comentarios.:
Publicar un comentario