When sending private emails, you want to make sure it’s going to the right person, especially if that email contains your personal information.
Sending a regular email message with core personal information such as banking details, your home address, and more can pose an immediate risk.
If you use Gmail, today is your lucky day because the email service has developed a new encryption service that will make the messages you send way more secure.
What does Gmail’s new encryption service do?
Experts at Gmail are adding a new end-to-end encryption service, allowing enrolled Google Workspace folks to send encrypted emails both within and outside their domain. This is important because email encryption is a way to keep messages extra safe, as only the sender and receiver of the email will be able to read it.
The sender and receiver will have special key codes, and only those codes can unlock the emails. The only way for outsiders to be able to read the messages is if they obtain access to those key codes.
Once your encryption is set up, Google servers cannot access your encryption keys or decrypt your data, so your information is entirely private. The only information that will not be encrypted is the header of your email, including the subject, timestamps, and recipients lists.
When and how can I set up Gmail’s new encryption service?
The new encryption service will officially go live for people on Gmail beginning on January 20, 2023. To use this encryption service, you must have either Google Workspace Enterprise Plus, Education Plus, or Education Standard. If you use any of one of these services, you can then apply for the Gmail CSE beta by filling out their testing application form. The form is pretty basic and just asks for your email address, project ID, test group domain, and a few other bits of information.
Once you receive a notification that your account is ready, here’s how to set up Gmail CSE beta
- Sign in to the Google Admin console with a super administrator account
- Go to Security > Client-side encryption
- Click Gmail
- In the left panel, select the group that you submitted in your Gmail CSE enrollment form
- Set User access to On. It can take up to 24 hours for a new setting to take effect, although it usually happens much faster
What if I’m not a person who uses Google Workspace?
If you’re not a Google Workspace person and just have a regular Gmail account, this end-to-end encryption will be available in a later release. However, all emails sent between people who both have Gmail have a form of encryption on them by default with Gmail’s Encryption in Transit service.
Also known as Transport Layer Security, this protects your messages against being read by someone with access to the networks through which the email is traveling on its way from the sender to the destination. However, this only works when the other email provider supports TLS encryption and does not encrypt email while it is stored on a server.
Can I encrypt my emails by using Gmail?
Gmail does not offer the option to encrypt emails with a service like PGP or password-protected messages. However, Gmail does allow people to send emails in Confidential Mode. This helps protect private and sensitive information from unauthorized access by allowing you to set an expiration date for the messages or revoke access at any time. Recipients of these emails will not be allowed to forward, copy, download, or print any content contained within the email. This is not the same as encryption, although it adds an extra layer of privacy to put your mind at ease should you want to use it. Here’s how to send an email via Gmail in Confidential Mode:
- Log into your Gmail account
- Click Compose
- In the bottom right of the window, Turn on confidential mode by toggling the lock icon. If you’ve already turned on confidential mode for an email, go to the bottom of the email, then click Edit.
- Set an expiration date and passcode. These settings impact both the message text and any attachments
- If you choose “No SMS passcode,” recipients using the Gmail app will be able to open it directly. Recipients who don’t use Gmail will get emailed a passcode
- If you choose “SMS passcode,” recipients will get a passcode by text message. Make sure you enter the recipient’s phone number, not your own
- Click Save
What options do I have now for private and secure email that allows me to also encrypt my emails?
Our top pick for private and secure email is StartMail. StartMail is all about privacy. StartMail keeps your email private because every email is encrypted, even if the recipient doesn’t use encryption. This means Big Tech can’t read, scan, analyze, or sell my personal information – ever.
StartMail also prevents government agencies from spying on you – like in dragnet operations, so not even Big Brother can snoop around your email. Also if you delete an email, it’s actually deleted and gone forever.
To find out more about StartMail and other email providers that give encryption, click here.
Related:
- Control spam – How to create a quick alias email address
- How to migrate your mail to private email
- How to create a disposable email address