Google Workspace Client-Side Encryption

Key lifecycle management to protect data in the cloud

Google Workspace Encryption & Key Management

Google Workspace Client-side encryption (coming soon) gives enterprises the ability to encrypt their data before sending it to Google’s servers. Client-side encryption gives customers direct control of encryption keys and makes customer data indecipherable, placing unprecedented control in the user’s hands.

Google Drive | Google Docs | Google Sheets | Google Slides
Download brochure (PDF)

What is Client-side encryption?

Client-side encryption is a method of encrypting data on the user’s end before it is sent to the service provider. The user determines their encryption key, manages its lifecycle, and retains sole access to it. Third parties cannot decrypt the user’s data while it is hosted in the service provider’s infrastructure.

Futurex solution details

Futurex’s natively-integrated HSMs offer streamlined deployment and high security, with no 3rd party relationship management needed.

  • Support for Google Chrome
  • 256-bit AES keys with monthly rotation
  • FIPS 140-2 Level 3 validated key management server
  • Deliverable either on-premises as 2U network appliance, or via Futurex’s VirtuCrypt cloud service
  • SLA-backed uptime

Google workspace app coverage

  • Drive
  • Docs
  • Sheets
  • Slides

VirtuCrypt Cloud HSM services

VirtuCrypt, Futurex’s cloud HSM and key management platform, is an award-winning provider of enterprise-class cloud security services. VirtuCrypt provides cloud-based access to Futurex’s innovative set of solutions for encryption, key management, tokenization, PKI & certificate authority, data protection, remote key loading for POS/ATM/IoT, and much more.

  • Automated provisioning of cloud HSMs through VirtuCrypt Intelligence Portal
  • Easy migration from legacy on-premises HSMs to cloud HSMs
  • User-controlled clustering and high availability
  • Services available from worldwide data centers
  • 99.999%+ SLA-backed uptime

Straight-forward setup

Enable Client-side encryption via Google Workspace Admin Console:

  1. Log into admin console
  2. Select option to add an external key service (KACLS)
  3. Enter the KACLS server address
  4. Specify organizational units
  5. Configure 3rd party Identity Provider
Schedule a demo
Expanded functionality

Enterprise-wide data protection

Futurex provides a versatile external key service using fully validated HSM and cloud technology. In addition to solutions for Google Cloud External Key Manager, Futurex’s Key Management Enterprise Server (KMES) Series 3 offers the following functionality:

  • Cloud key management
  • Data protection
  • Public key infrastructure (PKI)
  • Certificate authority (CA)
  • Code signing
  • Vaultless tokenization
KMES Series 3

Want to learn more?

If you are interested in Futurex solution for Google Workspace Client-side encryption, or would like to inquire about a demo, please Contact Us or view our recent blog post.

Give us a call