When Google introduced Tuesday that end-to-end encrypted messages had been coming to Gmail for enterprise customers, some individuals balked, noting it wasn’t true E2EE because the time period is understood in privateness and safety circles. Others puzzled exactly the way it works underneath the hood. Right here’s an outline of what the brand new service does and doesn’t do, in addition to a number of the primary safety that underpins it.
When Google makes use of the time period E2EE on this context, it signifies that an e-mail is encrypted inside Chrome, Firefox, or simply about another browser the sender chooses. Because the message makes its strategy to its vacation spot, it stays encrypted and may’t be decrypted till it arrives at its last vacation spot, when it’s decrypted within the recipient’s browser.
Giving S/MIME the heave-ho
The chief promoting level of this new service is that it permits authorities businesses and the companies that work with them to adjust to a raft of safety and privateness laws and on the similar time eliminates the large complications which have historically plagued anybody deploying such regulation-compliant e-mail methods. Thus far, the most typical means has been S/MIME, an ordinary so complicated and painful that solely the bravest and most well-resourced organizations are inclined to implement it.
