Fully-Integrated Google Workspace Data Encryption Solution
FULL CONTROL OVER YOUR DATA
Have full control over your data with ‘customer-controlled keys’. Keys are external to Google environment. GarbleCloud helps you implement your own KMS service with ease.
PROTECT DATA FROM EVERYONE
Keep your sensitive content private. Prevent Google and 3rd party apps from using or viewing sensitive data. CSE helps encrypt sensitive data in the browser before sending it to Google Servers. Content is only decrypted in your browser when any authorized user accesses the content.
THE POWER OF GOOGLE COLLABORATION
Leverage the unprecedented collaboration capabilities of Google Workspace Applications on client-side encrypted content, preserving native experience.
GarbleCloud’s KMS for CSE
Supported workspace subscriptions for this feature: Enterprise; Education Plus. Compare your edition.
One of the biggest challenges facing IT leaders today is balancing compliance and data privacy while not impacting employees’ productivity. We are making it simple for users to encrypt Google Drive files, Google Docs, and other user-generated content across Google Workspace applications such as Google Meet, Google Calendar, and Gmail (coming soon). Our customers can ensure complete Data Confidentiality from the Cloud provider (Google) and any other entity outside a customer’s “Perimeter of Trust.”
Google Workspace data encryption makes enterprise data protection a reality. GarbleCloud offers a fully integrated data encryption solution for clients with Google Workspace Enterprise Plus or Google Workspace Education Plus subscriptions. Client-Side Encryption means that files and data are encrypted on the user’s machine locally before it gets uploaded to Google Workspace servers – therefore, Google cannot decipher the content of the data you store in Google Workspace. Our customers can ensure data confidentiality across workspace applications with a single unified Encryption Key Service with Google Workspace CSE.
GOOGLE + GARBLE
User-Centric Google Workspace Data Encryption
To the user, encryption and key management happen transparently so that you can protect your data without burdening your staff.
The GarbleCloud CSE option enables comprehensive data encryption to ensure complete privacy of user-generated content in Google Workspace Applications like Google Drive, Calendar, Meet, and (soon) Gmail. It encrypts files, documents, and various other types of data like calendar events, emails, video recordings, etc., preventing even Google from looking into the protected user data.
Data Encrypted With CSE
Data Encrypted with CSE
- All file content (document body)
- Any embedded content like images added to Google Docs
Data NOT encrypted with CSE
- File title, description, owner, and creator
- File metadata, such as last-modified time or created time
CSE Key Features
GarbleCloud CSE admin console provides additional controls and key management functionalities. The new console allows you to manage external sharing permissions, key rotation policies and examine audit logs of encryption and sharing operations.
MANAGE PERMISSIONS AT A GLANCE
Have more control of all your external sharing of sensitive encrypted Google Docs.
EXAMINE AUDIT LOGS
Shows all domain activities in the last 30 days which includes encryption-decryption, adding permissions, changing security key, and editing user or domain.
ENCRYPTION KEY LIFE-CYCLE MANAGEMENT
Make key managment simple. Manage your envelope encryption keys in one place.
GarbleCloud Enterprise-Grade Key Management Service
GarbleCloud Key Manager is scalable to millions of keys in the cloud or on-premise in highly available configurations. Manage all key lifecycle management from key rotation to re-encryption via a software platform. It can be used for other key or secret management needs.
- Our KMS is based on open standards (KMIP) and is FIPS 140-2 Level 1 Certified
- Based on open standards (PKCS#11)
- Hardware security module (HSM) available if needed
- Distributed multi-site deployment for regional topology
Why Use GarbleCloud KMS for CSE?
Google Workspace uses the latest encryption standards to protect all data at rest and in transit through Google Cloud. With GarbleCloud KMS for CSE, you will have direct control of encryption keys and the identity provider used to access those keys. Many organizations require additional control to strengthen the confidentiality of sensitive information or regulated data.
Organizations use CSE for various reasons, for example:
- Privacy—Your organization works with sensitive intellectual property.
- Liability — Reduce exposure of your data to third-party apps and unauthorized users.
- Regulatory Compliance—Your organization operates in a highly regulated industry, like medical, financial services, government, or defense.
- Data Sovereignty & Data Residency — Makes it easy to meet country specific laws and regulations around data sovereignty and data residency.
GarbleCloud and Google Workspace
With Google Workspace Client-Side Encryption (CSE), content encryption is handled in the client’s browser before any data is transmitted or stored in Drive’s cloud-based storage. That way, Google servers can’t access your encryption keys and decrypt your data.
To use CSE, you’ll need to connect Google Workspace to an external encryption key service (like GarbleCloud) and an identity provider (IdP). Your users can share CSE files internally or with external organizations if those organizations also use Google Workspace and set up CSE.
Why GarbleCloud?
- Military-grade AES-256 encryption that is user-controlled & easy to use
- Robust, enterprise-grade encryption-key management framework
- Support CRUD operations on encrypted files in popular SaaS platforms