Google is introducing a new Gmail encryption feature for enterprise users that simplifies sending encrypted emails. Unlike the current S/MIME-based system, the new model doesn’t require special software or certificate exchanges. Initially available in beta for emails within the same organization, it will soon support all Gmail addresses and eventually third-party providers.
Users can activate encryption with a simple toggle, and non-Gmail recipients without S/MIME will access messages through a secure guest Google Workspace portal. Though more secure than standard TLS, the system uses client-side encryption—not full end-to-end encryption—giving administrators control over encryption keys and access.