Gmail Brings End-to-End Encryption to Android and iOS for Enterprise Users

Google has announced the availability of end-to-end encryption (E2EE) in Gmail for enterprise users on Android and iOS. Building on the rollout of Gmail E2EE for enterprise inboxes last year, the improved privacy measure now allows users to read and compose encrypted messages natively within the Gmail application on their mobile devices. The feature is available immediately and allows enterprise users to send encrypted messages to any recipient, regardless of the recipient’s email address. If the recipient is a Gmail user, the message will be delivered as any other email thread. If they do not use a Gmail application, they will still be able to read and interact with the message normally in their browser. The rollout, Google notes, brings a combination of boosted privacy and user-friendly experience to customers of all types, from small businesses to enterprises and the public sector. “With Gmail E2EE, your users can confidentially engage with your organization’s most sensitive data from anywhere on their mobile devices while ensuring data remains compliant and with your organization’s sovereignty and compliance requirements,” Google notes. Gmail E2EE relies on client-side encryption (CSE), the technical control in Google Workspace that allows organizations to secure emails, documents, and other content with encryption keys under their control. To make the feature available to their Android and iOS users, administrators will need to enable it in the CSE interface in the Admin Console. Users can add client-side encryption to messages by clicking the lock icon and selecting additional encryption, after which they can compose messages and add attachments as usual. The capability is now available for Google Workspace customers on the Enterprise Plus plan with the Assured Controls or Assured Controls Plus add-on. Related: Google Rolls Out Cookie Theft Protections in Chrome Related: Google API Keys in Android Apps Expose Gemini Endpoints to Unauthorized Access Related: Google DeepMind Researchers Map Web Attacks Against AI Agents Related: Google Slashes Quantum Resource Requirements for Breaking Cryptocurrency Encryption WRITTEN BY Ionut Arghire Ionut Arghire is an international correspondent for SecurityWeek. More from Ionut Arghire MITRE Releases Fight Fraud Framework Critical Marimo Flaw Exploited Hours After Public Disclosure Google Rolls Out Cookie Theft Protections in Chrome Google API Keys in Android Apps Expose Gemini Endpoints to Unauthorized Access Palo Alto Networks, SonicWall Patch High-Severity Vulnerabilities Google Warns of New Campaign Targeting BPOs to Steal Corporate Data 300,000 People Impacted by Eurail Data Breach RCE Bug Lurked in Apache ActiveMQ Classic for 13 Years Latest News International Operation Targets Multimillion-Dollar Crypto Theft Schemes CPUID Hacked to Serve Trojanized CPU-Z and HWMonitor Downloads Fake Claude Website Distributes PlugX RAT Adobe Patches Reader Zero-Day Exploited for Months In Other News: Cyberattack Stings Stryker, Windows Zero-Day, China Supercomputer Hack Juniper Networks Patches Dozens of Junos OS Vulnerabilities Industry Reactions to Iran Hacking ICS in Critical Infrastructure: Feedback Friday Orthanc DICOM Vulnerabilities Lead to Crashes, RCE Trending Webinar: A Step-By-Step Approach To AI Governance April 28, 2026 With "Shadow AI" usage becoming prevalent in organizations, learn how to balance the need for rapid experimentation with the rigorous controls required for enterprise-grade deployment. Register Virtual Event: Threat Detection And Incident Response Summit May 20, 2026 Delve into big-picture strategies to reduce attack surfaces, improve patch management, conduct post-incident forensics, and tools and tricks needed in a modern organization. Register People on the Move The United States Department of War appointed David Vaughn as Technical Advisor for Data Infrastructure. Black Duck has named Dom Glavach as Chief Information Security Officer. Finite State has named Ann Miller as Vice President of Marketing. More People On The Move Expert Insights The Hidden ROI Of Visibility: Better Decisions, Better Behavior, Better Security Beyond monitoring and compliance, visibility acts as a powerful deterrent, shaping user behavior, improving collaboration, and enabling more accurate, data-driven security decisions. (Joshua Goldfarb) The New Rules Of Engagement: Matching Agentic Attack Speed The cybersecurity response to AI-enabled nation-state threats cannot be incremental. It must be architectural. (Nadir Izrael) The Next Cybersecurity Crisis Isn’t Breaches—It’s Data You Can’t Trust Data integrity shouldn’t be seen only through the prism of a technical concern but also as a leadership issue. (Steve Durbin) Why Agentic AI Systems Need Better Governance – Lessons From OpenClaw Agentic AI platforms are shifting from passive recommendation tools to autonomous action-takers with real system access, (Etay Maor) The Human IOC: Why Security Professionals Struggle With Social Vetting Applying SOC-level rigor to the rumors, politics, and 'human intel' can make or break a security team. (Joshua Goldfarb) Flipboard Reddit Whatsapp Email