Given that Google Docs has been ubiquitous in the past year, a major criticism from workplaces that use it is often overlooked that it is not end-to-end encrypted, allowing Google – or any government agency that requests it – to access company files .
Google is now addressing this major complaint with a round of updates that allow customers to protect data by storing their own encryption keys.
Workspace, the productivity suite that includes documents, presentations, and spreadsheets, adds client-side encryption so that corporate data is rendered indecipherable by Google.
Companies using Workspace can store their cryptographic keys with one of four partners currently, Flowcrypt, Futurex, Thales or Virtru, that meet Google’s specifications.
The move largely targets regulated industries – such as finance, healthcare and defense – where intellectual property and sensitive data are subject to strict privacy and compliance rules.
The solution arrives later in the year. And that’s after Google publishes details of the API that allows enterprise customers to build their own internal key service.
Google gives organizations greater control:
Google published details Technical on how the client-side encryption feature works, and is rolling out as a beta in the coming weeks.
The trend of technology companies giving their corporate and corporate customers control over their encryption keys has increased in recent years.
Slack has followed the trend by allowing enterprise users to store their own encryption keys. But Google has been slow on encryption for so long that startups are building alternatives that work on encryption.
Google said it’s also introducing new trust rules for how you share files in Google Drive. This is to give administrators more details about how different levels of sensitive files are shared. Along with new data classification labels to distinguish documents with a level of sensitivity such as confidential or internal.
Google is improving its malware protection efforts by blocking phishing and malware that is shared from within organizations. By doing so, it aims to help reduce employees’ accidentally sharing of harmful documents.
Topics of interest to the reader: