Data Sheet

Demystifying Gmail Confidential Mode

How secure is Google’s new security feature?

Gmail confidential mode is a feature that gives Gmail users basic rights management controls for their email—including the ability to prevent email recipients from forwarding, copying, printing or downloading message contents or attachments, set an expiration date, and revoke access at any time.

Although Gmail users get some added control over their email messages and attachments with confidential mode, it’s important to understand where this feature falls short—and what to do about it.

With Gmail confidential mode:

1. Admins must place their trust in end users.

Currently, confidential mode cannot be enforced as a protection policy as part of G Suite’s DLP Rules. This means that admins must rely on end users to proactively apply confidential mode, introducing security risks.

2. Sharing and controls are limited.

Attachments cannot be shared beyond the initial email, inhibiting secure file-sharing workflows. Without watermarks, nothing is stopping the recipient from taking a picture of the file and leaking it. Additionally, confidential mode forces senders to apply all controls at once, making collaboration unnecessarily rigid.

3. Non-Gmail recipients have a less seamless, less secure experience.

Non-Gmail recipients must authenticate themselves via an additional email with a verification code, introducing friction to collaboration workflows. They can’t use confidential mode themselves, preventing them from sending secure responses, adding risk to external collaboration workflows.

4. Visibility is limited.

Senders can’t see who has accessed messages sent in confidential mode. For admins, Google Vault retains confidential messages but doesn’t let you filter for them specifically. Also, confidential mode activity is not immediately visible within the G Suite admin console, and audit logs and SIEM integrations are not supported.

5. Google is in control of your sensitive data.

Even when using confidential mode, Google has access to plaintext content. It’s not truly confidential. Plus, Google controls the keys protecting your data, meaning you can’t prevent government surveillance via blind subpoenas.

While Gmail confidential mode’s rights management controls may meet basic needs, additional protection is necessary for maintaining data privacy and security throughout its lifecycle.

As Google’s recommended encryption solution, Virtru ensures privacy for email messages and attachments while fostering secure collaboration with persistent protection, access controls, and key management options that give organizations superior control over and visibility into data access.

In order to ensure messages and their attachments remain secure, Virtru:

  • Offers protections that give customers complete control over who can access sensitive content.
  • Enables the secure sharing of attachments with persistent protections and watermarking that offer superior control to prevent data leaks.
  • Supports more seamless and secure collaboration workflows for recipients, helping mitigate compliance and privacy risks.
  • Provides admins with DLP rules that automatically enforce protection, so admins don’t have to rely on end users to proactively do so.
  • Provides fine-grained audit capabilities—including SIEM integrations—for enhanced threat response.


Dive Deeper