About client-side encryption

Supported editions for this feature: Enterprise Plus; Education Standard and Education Plus.  Compare your edition

With Google Workspace Client-side encryption (CSE), you can add another layer of encryption to your organization's data—like files and emails—in addition to the default encryption that Google Workspace provides. CSE helps to keep your organization's data private with end-to-end encryption that Google servers and third parties can't decrypt, giving your organization greater control over access to its data. CSE is especially beneficial for organizations that store sensitive or regulated data, like intellectual property, healthcare records, or financial data.

Protect your organization's data with CSE

  • How CSE protects your organization's data
  • Which organizations can benefit from CSE
  • Supported services, applications, and data types

For details, go to Protect your organization's data with client-side encryption.

Set up CSE for your organization

  • Admin and user requirements for CSE
  • Encryption key options
  • CSE setup overview

For details, go to Client-side encryption setup overview.

View CSE logs and reports

  • Audit logs for administrator activity
  • Reports on user activity for client-side encrypted files

For details, go to View logs and reports for client-side encryption.

Get answers to common questions about CSE

How to decrypt client-side encrypted files and emails exported using the Data Export tool or Google Vault

For details, go to Client-side encryption FAQ.

Was this helpful?

How can we improve it?
Clear search
Close search
Google apps
Main menu