Google introduces workspace client encryption |
With Google Docs going everywhere for about a year now, a major criticism of workplaces using it is often overlooked, which is that it doesn't have end-to-end encryption that allows Google - or any government agency that requires it - to access corporate documents.
Google is now addressing this major complaint with a series of updates that will allow customers to protect their data by storing their own encryption keys.
Workspace is a productivity suite that includes documents, presentations, and spreadsheets. It adds client-side encryption so that Google can't decrypt corporate data.
Companies using Workspace can store their cryptographic keys in one of the four existing partners Flowcrypt, Futurex, Thales or Virtru, which meet Google's specifications.
This decision primarily targets regulated sectors such as finance, healthcare and defense, where intellectual property and sensitive data are subject to strict confidentiality and compliance rules.
The solution will be available later this year. This came after Google released details of an API that corporate customers can use to create their own internal key services.
Google gives organizations more control:
Google has published technical details of how the client-side encryption functionality works and will release a beta version in the coming weeks.
In recent years, there has been a growing trend for technology companies to give their companies and commercial customers control over their own encryption keys.
Slack is following the trend and allowing business users to store their encryption keys. But Google has been making slow progress on coding for so long, that startups are developing alternatives to coding.
Google said it has also introduced new trust rules for sharing files in Google Drive. This provides administrators with more detailed information about how sensitive files are shared at different levels. With a new data classification label to distinguish between documents with sensitive levels such as confidential or internal.
Google is improving its malware protection efforts by blocking phishing and malware spread within the company. This is intended to reduce the number of employees who accidentally pass on malicious files.