Tuesday, February 14, 2023

Client-side encryption for Google Calendar is now generally available

What’s changing

Last year, we expanded the client-side encryption beta to Google Calendar to help customers strengthen the confidentiality of their data while helping address a broad range of data sovereignty and compliance requirements. Today, we’re happy to announce that client-side encryption for Google Calendar is now generally available to eligible Workspace editions. Additionally, based on feedback from beta, we’ve extended client-side encryption to support Key Migration and Google Takeout

When using client-side encryption for Calendar events, your event description, attachments, and Meet data is indecipherable to Google servers. You have control over encryption keys and the identity service to access those keys. 

Who’s impacted 

Admins and end users 


Why it’s important

Google Workspace already uses the latest cryptographic standards to encrypt data at rest and in transit between our facilities. With client-side encryption, we’re taking this a step further by giving customers direct control of encryption keys and the identity provider used to access those keys. This can help you strengthen the confidentiality of your data while helping to address a broad range of data sovereignty and compliance needs. 

Client-side encryption allows you to create a fundamentally stronger privacy posture, whether that’s to help your organization comply with regulations like ITAR and CJIS or simply to better protect the privacy of your confidential data. 


Additional details 

Client-side encryption for Google Calendar on mobile is currently in beta. Google Workspace Enterprise Plus, Education Plus, and Education Standard customers are eligible to apply for the mobile beta here until March 3, 2023. 


Getting started 

  • Admins: This feature will be OFF by default and can be enabled at the domain, OU, and Group levels. Go to the Admin console > Security > Access and data control > Client-side encryption. Visit the Help Center to learn more about client-side encryption
  • End users: 
    • You will need to be logged in with your Identity Provider to have access to encrypted content. 
    • To add encryption to any event in Calendar, click on the shield icon at the top of the event creation card. This will add encryption to event description, attachments, and Meet, while other items such as event title, time, and guests remain on standard encryption. 
    • Visit the Help Center to learn more about client-side encryption in Calendar

Rollout pace 

Availability 

  • Available to Google Workspace Enterprise Plus, Education Plus, and Education Standard customers 
  • Not available to Google Workspace Essentials, Business Starter, Business Standard, Business Plus, Enterprise Essentials, Enterprise Standard, Education Fundamentals, Frontline, and Nonprofits, as well as legacy G Suite Basic and Business customers 
  • Not available to users with personal Google Accounts 

Resources