Client-side encryption (CSE) is now supported by Google’s Workspace services, including Google Drive, Docs, Sheets, and Slides, as well as a variety of file types, including Office documents, PDFs, and others. Additionally, the feature will be rolled out to Gmail, Meet (currently in beta), and Calendar.
CSE gives you complete control over your private encryption keys and the identity provider you use to access them. In addition to addressing a wide range of data sovereignty and compliance requirements, Google claims that it helps you strengthen the confidentiality of your sensitive or regulated data.
Client-side encryption can be enabled with the help of an encryption key service from one of Google’s partner services (Flowcryt, Fortanix, Futurex, or Thales). Google Workspace files can be decoded by your chosen partner, or you can use software provided by your partner to hold the keys locally. As a reminder, this key is required to access or decipher these files.
Also read: Innovations in energy technology are part of China’s five-year plan
The Google CSE API can also be used to create your own service.
The Enterprise Plus and Education Plus editions of Google Workspace have access to client-side encryption; all other editions, including Workspace Essentials (including Business Starter), Education Fundamentals (including Frontline), and Nonprofits (including Nonprofits), will have to make do without it. After up to 15 days, you’ll be able to use the new feature!
In the domain, OU, and group configurations, administrators can turn on the feature. Select “Client-side encryption” from the Security menu in the Admin console’s Security section.