Virtru for Gmail vs. Google Gmail CSE: What's the Best Enterprise Fit?

Matt Howard: As a partner of Google, we have worked closely with the Google Workspace team over a long period to develop a variety of different integrations into Google Workspace. We want to help the businesses that adopt Google Workspace achieve simple, elegant security enhancements in a way where their users do not have to do much; it is out of the user's way. As we have gone down that journey, we have adapted our capabilities to manage keys for anybody looking to adopt Google CSE, Client-Side Encryption. However, we also have native capabilities that integrate into Google Workspace, like Gmail. You said something interesting earlier: that native integration is sometimes important. As you understand our business and how we integrate natively with Gmail, I am curious to get your thoughts on that.

Jason Steer: I can give you specific examples of why native support is great, such as sending secure emails to external legal or HR teams. That is just one example of the challenges of secure email delivery over the last twenty years. The net result means that we are making our jobs harder for data retention and data governance that we need to be able to attest to. Having those native features built-in is vital. Literally, in the last two weeks, I have had four emails from four different business partners telling me Virtru's email encryption makes it so easy for us to communicate. It is so smooth that other companies want to look at it as well. I feel like I should be getting comped because I am referring you guys all the time now.

Matt Howard: Well, we are grateful for it. This is an interesting space we live in as we continue to partner with Google and the world continues to evolve. We try to stick to our swim lane and do what we do really well. At the same time, we try to adopt all of the great API advances that Google is bringing forth to the market. That is why we were excited to adopt CSE, broadly speaking, so we could be in the business of managing keys on behalf of people who were looking at Client-Side Encryption native to Google. We could help manage those keys, which is a great part of our partnership. At the same time, Google is painting a picture around CSE for Gmail. Roderick, I am curious: if you want to adopt Client-Side Encryption for Gmail natively within Google Workspace, you can, in which case Virtru would be happy to host those keys. However, that concept of CSE for Gmail is unique and different within Workspace because it is S/MIME based, and there is an overhead associated with S/MIME that has to do with the certificates. I am curious to get your thoughts on how you viewed CSE as it applied to Drive, Docs, Sheets, and Slides versus the micro picture of CSE as it applied to email specifically. What were your thoughts on that as you went through the research, and specifically regarding S/MIME versus Virtru?

Roderick Chambers: Correct. The first factor we looked at was ease of use. Downloading the plugin and getting a user to see all the features was the easiest part; that was very attractive. The second step was implementing the different security features. The watermarking, persistent sharing, and expiration dates just came as a benefit. But again, ease of use was key. The toggle feature on Virtru works out great. You can give it to the novice user or the cybersecurity expert. Across the board, everybody can use it.

The other big piece is the file size. We were very keen on the file size limits for sharing via email. We know Virtru has various levels of file sizes you can share through the Chrome plugin, which is very beneficial. Our users were never getting a kickback on an email that an external user did not receive because the file size was too large. It increased workflow, and employees could continue their communication with their clients easily. It is never a rejected email due to file size. It is about reputation. Reputation and the showmanship of capabilities are all built into the tool. When you get those three mixed in—user acceptance, high usability, and external user feedback that it is working—plus the built-in capabilities of enhancing security features as much or as little as you need, it is very beneficial for the team.