Earlier this year, Google Drive including Docs, Sheets, and Slides received a client-side encryption update which made it easier to keep your files safe from prying eyes by using encryption keys that only you and the file collaborators would have access to. While these services already feature the latest in cryptographic standards and all of your data whether at rest or in transit at Google is protected, this helps increase the confidentiality of your data and gives you peace of mind that the control is in your hands!
Now, Google is expanding client-side encryption to Drive for Desktop and Google Meet with a new beta. With it, your personal data in Google’s servers will be indecipherable to Google. That’s pretty cool, right? Well, being that the company is one of the largest and most powerful data companies in the world, I personally find that hard to believe, but I’ll have to do more research in order to fully understand it.
Basically, you’ll choose a key access service partner: Flowcrypt, Futurex, Thales, and Virtru are available during the beta. Then, they will generate and provide an encryption key to you and it will hold onto the other in order to help you decode encrypted Workspace files so you can view and work with them. The fact that this is happening out of Google’s hands means that they never have access to your data and can’t understand it at all, apparently.
With this beta expanding to Chat, this means that your calls will have the option over the next few weeks of being encrypted by the host using one of a number of key access service partners. Not only will you be able to make use of those aforementioned, but the company is adding two new partners – Fortanix and Stormshield for those looking for a dedicated partner that integrates with ky access service APIs (which just became available for public use).
Google is initially making this beta available to Workspace Enterprise Plus and Education Plus subscribers, and if you fall into that category, you can apply for access immediately. Interestingly, anyone who had access to the beta back when it was only for Drive on the web and related services will have to reapply if they want to encrypt Google Meet going forward.
For everyone like myself who are in the back of the class and don’t really understand encryption beyond the basics, you just need to know that Google hopes to provide a stronger sense of confidentiality for user data while helping to address different compliance needs across industries that rely on its services to store and process customer data. All in all, it’s a welcome addition, but I long for the day when this comes out of beta and is available to everyone by default with little to no setup.