|Today Google announced the beta for Google Workspace Client-side encryption, which is available to Google Workspace Enterprise Plus and Google Workspace Education Plus customers.
The beta will be available for Google Drive, Docs, Sheets, and Slides, with support for all file types in Drive including Office files, PDFs, and more. Google is committed to a roadmap that enables Client-side encryption across Google Workspace, including Gmail, Meet, and Calendar.
Support for Google Meet is coming in the fall. Follow the Google Workspace Updates blog to learn when that’s available.
The beta will start rolling out in the next few weeks, but eligible customers can now apply for the beta here.
Why it’s important
Google Workspace already uses the latest cryptographic standards to encrypt all data at rest and in transit between its facilities. But with Client-side encryption, Google taking this a step further by giving customers direct control of encryption keys and the identity provider used to access those keys. This can help you strengthen the confidentiality of your data while helping to address a broad range of data sovereignty and compliance needs.
When using Client-side encryption, customer data is indecipherable to Google. Customers can create a fundamentally stronger privacy posture, whether that’s to comply with regulations like ITAR and CJIS or simply to better protect the privacy of their confidential data
To enable Client-side encryption, you’ll choose a key access service partner: Flowcrypt, Futurex, Thales, or Virtru. Each of these partners have built tools in accordance with Google’s specifications and provide both key management and access control capabilities.
Your partner of choice holds the key to decode encrypted Google Workspace files, and Google cannot access or decipher these files without this key. If you prefer to build or integrate your own in-house key services, Google will be publishing the key access service API specifications that can be used with Client-side encryption later this year.