Gmail’s New Encryption Can Make Email Safer. There are several ways for you to get yourself protected, and recently, Gmail just added a new way to get that done. It is best that you take advantage of this feature as it would really help you a lot.
Gmail’s New Encryption Can Make Email Safer
Google stated that they would be adding end-to-end encryption (E2EE) to Gmail on the web, enabling enrolled Google Workspace users to send and receive emails that are encrypted within and outside their domain.
End-to-end encryption is very important for communications mainly because it allows only the senders to get messages to see the content, Jeff Wilbur, the senior director of the online trust at the nonprofit Internet Society, according to lifewire in an email interview.
According to Wilbur, he stated that “This means that the message content can be seen by bad actors or rogue employees and is subject to access by law enforcement under warrant.” With the end-to-end encrypted email, only the sender and the recipient(s) have the data to unscramble the data, so it is quite safe from others trying to pry into your data
Messages Would be Safer
The Client-side encryption call “E2EE” by Google, is already available for Google Docs, Google Drive, Sheets, Slides, Google Meet, and Google Calendar Users. Now, if the new encryption is enabled, Google stated that data delivered as a part of the email’s body and attachments can not be decrypted by Google servers, however, the email header would not be encrypted.
According to Google on its Support Website “With Google Workspace Client-side encryption (CSE), content encryption is handled in the client’s browser before any data is transmitted or stored in Drive’s cloud-based storage.” With that, Google Servers would not be able to access your encryption keys and decrypt you data. Once you have set up CSE, you should be able to select which of the users can create client-side encrypted content and share it externally or internally.
In a genuine end-to-end encrypted messaging service, these two ends are the sender’s and the receiver’s devices – also called device-to-device encryption, Anurag Lal, CEO of the cybersecurity company NetSfere. According to him, this form of encryption is much safer because once the messages are encrypted on the device of the sender, they cannot get decrypted till it gets to the receiver’s device, making sure that only the intended recipient can access the messages.
If you are not a Gmail user, other email services are also offering end-to-end encryption. Robert Andersen, CEO of data security firm Grape ID, stated to Lifewire over email that people can make use of PGP encryption to encrypt their own emails, but there are also email providers that focus on email encryption, Like ProtonMail and Virtru. He stated that his own company is offering an “Add-on” encryption service that people can add with an existing email provider.
“sadly, implementing PGP encryption typically requires significantly more effort than most people want to put forth (watch online training videos),” he went on say. “ProtonMail has proven to be a great solution for those that do not mind changing their email providers and paying a subscription.”
End-to-end encryption is “essential” for emails for you to ensure, Kory Fong, Vice President of Engineering at Private AI, told Lifewire via email. This method seems to be the only way for you to be certain that just the sender and the recipient can view all the details and contained within that email.
He further stated that “So even the email provider that controls the servers can’t see what’s in the messages.” “Generally, email services like Gmail would encrypt your email in transit, but Google itself would be able to access the content and even offer access to third parties, but won’t without explicit consent.”
Fong stated that ProtonMail is the most well-known provider that offers end-to-end email encryption, even in its free tier. He stated that “The company uses asymmetric, zero-access encryption, meaning even ProtonMail itself can’t read what’s in your emails.”
Another approach for extra privacy-conscious users is for you to share a public key with other parties and encrypt their mail using the private key by default. Fong stated that “Software like GPG Suite and other GPG plugins make this easy to use.”
No matter the option you choose, E2EE for email is important because email is the gateway to your entire online identity and data, Andersen stated.