What You Need to Know to Secure Your Data
Enterprises of all sizes turn to Google Apps for Work (now known as G Suite) to migrate their teams to the cloud. Google’s collaboration, sharing, and ease of use are second to none. In recent years, Google has bolstered its offering with new data security and privacy capabilities.
As security, privacy, and meeting regulatory requirements become top priorities for enterprise IT, it’s critical to understand how Google protects you, and when additional security measures might be beneficial.
In the cloud era, data security, privacy, and compliance are shared responsibilities between service providers like Google, enterprise IT organizations and end users. In this blog, we address the default data security features included in Google Apps for Work, highlight situations where you may need to add supplementary layers of data protection, and offer tips for maximizing your organization’s cloud safety.
1. How Does Gmail’s Built-in Encryption Protect My Data?
Google protects your data in two important ways. First, it enforces transport layer security (TLS) between Gmail clients and Google servers. Secondly, it secures your data at rest while in the Google ecosystem.
By providing TLS, Google for Work adds a critical layer of security that some on-premise solutions lack, and helps to ensure communications sent to or from your mail server will remain encrypted–provided the other servers that they travel through also support TLS. In addition, Google has made significant efforts to convince other service providers to use TLS.
TLS provides a solid foundation for email security, particularly for communications that remain inside the Google ecosystem. But since no cloud provider has control over servers outside of their own ecosystem, you ultimately have no control over how many servers your emails pass through, and no way to predict the security measures that these servers provide.
Through configuration options, administrators can mandate that communications only occur through encrypted channels. However, if the receiving party’s server that does not support TLS, the communication will not be allowed. This means the email will not reach its intended recipient.
Given these circumstances, and the fact that some on-premise email platforms do not support TLS like Google does, you might consider adding a client-side encryption tool like Virtru to your Google Apps domain. As the name implies, client-side encryption protects your data from the time it is created until it is consumed by your recipients, or anyone else to whom they send it. This additional layer of protection ensures security regardless of where you or your recipients share your data.
The below diagrams highlight where Google ensures encryption by default, and where client-side encryption adds additional protections.
Standard Gmail Point-to-Point Encryption
Virtru Client-Side Encryption
2. What is Google End-to-End, and How Can I Use It?
Google does not offer end-to-end encryption as a feature within Gmail, but they have released source code that allows users to build this capability manually. This source code, known as End-to-End, uses an open standard called OpenPGP. If you implement it properly, you can program a PGP plug-in for the Google Chrome browser.
Like traditional PGP, Google End-to-End also requires manual key exchanges. Both the sender and the recipient must have PGP properly configured and be privy to each other’s public keys. This means that, if you’re trying to send an encrypted message to a colleague using PGP, you first must retrieve his or her public key. If you happen to lose that key for any reason, you have to repeat the process again. This encryption method, while secure, is not ideally suited to mainstream use cases.
3. What Kind of Built-In Data Loss Prevention (DLP) Capabilities Do Gmail’s Content Compliance and DLP Features Provide?
Google Apps administrators can use Gmail’s Content Compliance and DLP features to scan content after it has already left the sender’s inbox and assign appropriate actions. You can use these rules to, for instance, reject a message that contains a certain keyword.
This feature works by routing email through Google’s servers, where it is decrypted, scanned by the content compliance engine, and then acted upon before being re-encrypted and sent to recipients. By necessity, this means that content is not encrypted end-to-end, and that Google can access unencrypted content.
To ensure end-to-end encryption, DLP must be pushed to the client side, where content can be scanned and acted upon before it hits the cloud. Virtru offers client-side DLP capabilities for organizations looking to ensure that sensitive info never leaves their devices unencrypted. Virtru DLP scans content before it ever leaves the sender’s inbox, keeping your most valuable data from ever hitting the cloud unprotected.
Virtru DLP adds some additional protections that Gmail DLP also provides, including the ability to:
4. How Does Google Help Me Achieve HIPAA Compliance?
One of the benefits of Google for Work’s secure cloud platform is that it helps organizations meet many HIPAA compliance requirements for data encryption and security. By leveraging its shared infrastructure, Google offers its customers greater security and compliance than legacy on-premise solutions–at a fraction of the cost.
However, as with all things in the cloud era, security relies on shared commitments from platform providers and customers. Google has developed tools and guidelines to ensure security and compliance, and they have strongly encouraged other service providers to leverage encryption, too. Despite these efforts, there are no assurances that your data will remain secure once it leaves Google’s protected ecosystem.
Since many covered entities must share PHI with patients, providers, insurers, and other organizations who do not use Google for Work, it is prudent to add an end-to-end encryption solution like Virtru to always ensure compliance. This additional layer of protection ensures perpetual HIPAA compliance, regardless of where you or your recipients share your data.
As the diagram below shows, Virtru encrypts emails and files from the client-side, which ensures HIPAA compliance no matter what platforms your recipients use:
In addition, Virtru DLP can provide a pre-populated rule pack for HIPAA compliance that can be easily installed across a Google Apps domain.
5. What is Google Apps Message Encryption (GAME) from Zix Corporation, and How Does It Protect My Content?
GAME by ZixCorp is a portal-based email security tool. Emails are flagged for protection by Zix, and messages and attachments are stored on a Zix portal server. Recipients are notified by email, and can then establish a user ID and password to access their content within the Zix Portal application.
This architecture adds additional security because by requiring new usernames and passwords to access sensitive content. However, Zix does not provide end-to-end encryption. Unencrypted plaintext is sent over an SSL connection, giving intermediate providers access to this unprotected content.
This distinction means that ZixCorp manages the encryption keys and could have access to unencrypted versions of emails and attachments sent through GAME. This architecture introduces additional security risks and does meet the requirements of certain regulations like ITAR and CJIS, which mandate that no intermediate party can ever have access to unencrypted content.
Only client-side encryption approaches like S/MIME, PGP, and Virtru ensure that content remains encrypted until it arrives on the intended recipient’s device. As a result, only senders and receivers ever have access to the decrypted email content. Third parties do not.
GAME by ZixCorp (And All Other Portal-Based Encryption)
Client-Side Encryption (S/MIME, PGP, Virtru)
6. Does Google “Undo Send” Let Me Revoke Emails I’ve Already Sent?
Earlier this year, Google announced that it was making its ‘Undo Send’ tool a standard Gmail feature. Undo Send delays email transmission by 30 seconds, giving you time to change your mind. If you choose to “undo” within 30 seconds, your message will not be sent. Once sent, your email becomes irrevocable, just like any other Gmail message.
If you are looking for the ability to revoke a message that you’ve already sent at any time, regardless of whether or not the recipient has already read your message, Virtru will do the trick. When you revoke a message with Virtru, you signal to Virtru’s servers that the indicated recipient should no longer have access to the keys needed to decrypt that message content. Thus, when the recipient goes to read the revoked message, all he sees is this:
In addition to revocation, Virtru also adds additional controls including message expiration and forwarding control. Taken together, these capabilities allowing granular control of content, even after it has been opened by a recipient — enabling greater security and control.
Bottom Line: Google offers best-in-class security and privacy controls. To meet regulatory and data security compliance, additional protections like Virtru client-side encryption may be beneficial or required.
Google for Work provides many built-in data security protections, particularly for information shared within the Google ecosystem. To maximize security and ensure regulatory compliance, most experts recommend a layered security approach.
Add-ons like Virtru enable you to meet additional regulatory and data privacy requirements. By adding Virtru client-side encryption to your Google domain, you ensure that only authorized parties can ever access your content–making an already super secure Google for Work cloud platform even more secure.
If you’re using Google Apps for Work, you’re already in a good position. Here’s what else you should consider:
1. Ensure that your Google Apps security controls have been configured properly for maximum security when sharing with parties inside of the Google ecosystem.
2. Add a client-side data encryption service to ensure regulatory compliance and data security when sharing with parties outside of the Google ecosystem.
3. Avoid data leaks caused by human error by using revocation and data loss prevention (DLP) to automatically detect and client-side encrypt sensitive content before it leaves your device.
4. Enable data security measures to retain control of sensitive information even after it has been shared. The ability to revoke messages and files, even after they’ve been opened, set expirations, and restrict forwarding adds an additional layer of data security and compliance.
As a trusted Google partner, Virtru complements your Google Apps security experience with granular control capabilities like revocation, client-side DLP, and client-side encryption that prevents unauthorized parties or service providers from ever accessing your data.
If you’re interested in finding out more about how you can maximize your Google Apps security, check out the special webinar recording: Securing Gmail and Drive: Security Tips from Google and Virtru.