Google client-side encryption
Google Workspace client-side encryption (CSE) lets an organization add a customer-controlled encryption layer to supported Drive and Gmail content before that content is stored in Google’s cloud. The organization selects or operates a key-access service and remains responsible for identity and key management.
CSE is an enterprise control, not a universal property of every Google Workspace object or feature. Compatibility, edition, administrator configuration, metadata exposure, and recovery design must be checked for the actual workflow.
Like Apple Advanced Data Protection, it supports the comparison in Privacy competitors and inspirations between provider-readable cloud storage and customer-controlled cryptographic boundaries.
Sources
Connections