Gmail Security and Encryption: What Admins Need to Know

With its ease of use, rich feature set and flawless integration with Google Apps (now known as G Suite), Gmail is a huge boon to organizations. It’s supported by a well-designed Gmail security toolset, protecting businesses with multi-factor authentication, password strength monitoring and built-in SSL/TLS encryption.

Unfortunately, although SSL/TLS is widely used and fairly secure, it’s not unbreakable. If you send an email and it travels through a compromised server or one using outdated encryption, it could be vulnerable to attacks by malicious actors. Virtru enhances Gmail security with military grade encryption, keeping sensitive emails and attachments safe in the cloud, making an already awesome system even better.

How Virtru Works

Virtru is an Encryption as a Service (EaaS) platform that provides data-agnostic, client-side encryption for Gmail and other popular cloud applications; it protects emails, attachments and other files from the moment they leave the sender’s machine until they reach their destination, preventing the man-in-the-middle attacks that can compromise transit and portal encryption methods, such as SSL/TLS.

When a Virtru user sends an email, it is encrypted using 256-bit AES encryption, and sent directly to the recipient’s server. The symmetric key is transferred to a Virtru key server, using an Elliptical Key Diffie-Hellman Exchange (which, basically, is a secure agreement to share two encryption keys). When the recipient’s identity is verified — either through email-based verification, or through an identity service such as OpenID, the key is securely transferred to the recipient, allowing them to read the email.

Encrypting Gmail with Virtru prevents anyone but the intended recipient from reading the email. Even if a malicious actor somehow managed to breach our secure server and steal the key, they couldn’t decrypt the file, because we don’t have access to it — it’s stored and encrypted on the recipient’s server. Additionally, we use perfect forward secrecy, so a single compromised email wouldn’t affect the security of other emails.

Virtru can optionally be configured to store the file in a two-key implementation, if a client needed to store the email on our servers. In that case, Virtru would only control one key, while the other would be controlled by the recipient. As in the standard one-key implementation, Virtru (or an intruder with access to our server) would not be able to decrypt the file, since we wouldn’t have the crucial, second key.

Encrypting Gmail with Virtru — Basics

Anyone can learn how to encrypt Gmail with Virtru in a few minutes; it requires no new accounts or unwieldy interfaces like portals do, or key management, like public-key encryption systems like PGP or S/MIME. Users can get Virtru with one click, installing it as a browser add-on.

Once it’s installed, users can immediately begin encrypting Gmail from their message composition window. They’ll see a gray bar with a “V” slider at the top of the window, informing them that “Virtru protection is OFF.” When they click the “V,” the bar will turn blue, and display the message, “Virtru protection is ON.” The “Send” button will become “Secure Send,” indicating that their email will be encrypted, along with any attachments.

While portals and public-key encryption can only send messages to people who use the same service, encrypting Gmail with Virtru lets you send messages to anyone. Recipients without Virtru will receive a message that they have an encrypted message, which they can unlock with one click.

Advanced Gmail Security with Virtru

Virtru provides tools that go beyond merely encrypting Gmail, giving users and organizations more control over email. With Virtru Pro, users can rescind emails even after they’ve been read. They can also set time limits on emails, or disable forwarding to prevent sensitive information from falling into the wrong hands.

Virtru DLP helps organizations prevent accidental exposures of sensitive data. Administrators can set rules to automatically:

  • Enforce encryption
  • Strip attachments
  • Add text
  • Forward emails to an administrator
  • Warn users before emails are sent

For example, an admin could strip all attachments from emails sent outside the organization, or warn users if they’ve included Social Security Numbers in an email.

Virtru DLP comes with a full set of standard and compliance regime-specific rules, making it easy to configure. Administrators can also create custom rules, tailored to the needs of their organization.

Complete Gmail Security for Any Organization

Encryption is the best way to secure sensitive data, but it can’t do its job unless it’s easy enough for the entire organization to use. Virtru fortifies Gmail security with a single click, and gives organizations the power to prevent the accidental breaches that can lead to damaging leaks. Read more about the military-grade technology that powers Virtru Encryption as a Service, or contact us to learn how Virtru can keep your data safe.

Subscribe to Our Newsletter

Connect With Us

Dive Deeper