Historically, e-mail content has been transmitted in the clear, even when sent and received via encrypted channels. However, S/MIME (Secure/Multipurpose Internet Mail Extensions) is a standard for secure end-to-end e-mail communication.

This technique uses certificates and a Public Key Infrastructure (PKI) to :

• guarantee the confidentiality of exchanges, through e-mail encryption;
• digitally sign e-mails and verify their integrity;
• guarantee the identity of the message sender, using digital certificates.

S/MIME makes a strong comeback

S/MIME has been around for years, but has remained little used, due to the complexity of managing identities, keys and certificates, particularly within webmails. Nevertheless, desktop e-mail clients such as Microsoft Outlook, Apple Mail and Mozilla Thunderbird have long supported this encryption and signature technology.

Recently, Google reintroduced S/MIME support within its Gmail online e-mail service. The company’s aim is to offer a complete, interoperable solution for securing e-mails, whereas players such as Microsoft currently focus solely on client-side encryption (CSE) for messages stored in the cloud.

At Google, S/MIME support is part of the client-side encryption strategy for data used on Google Workspace. The adoption of S/MIME for Gmail makes it possible to offer a wide range of services, adapted to the specific needs of an e-mail service. Once activated, the sending and receiving of secure e-mails is made possible by easy-to-use functions that are perfectly integrated with Gmail. In addition, public keys are collected automatically, facilitating key sharing between correspondents.

How do I enable S/MIME in Gmail?

S/MIME support in Gmail is activated via CSE. The Google Workspace administrator must therefore first check whether the organization has Enterprise Plus licenses, and then activate CSE. He or she will then need to connect a key management system to Google Workspace, and generate and send public and private keys to each user.

The use of Cosmian kms (Key Management System) will greatly simplify the activation and management of S/MIME in Gmail. This offering includes everything you need to set up a PKI, as well as tools capable of interfacing with Google’s services to automatically generate all the keys required. Cosmian kms is directly accessible on the Google Cloud marketplace, enabling easy deployment on the cloud, via a confidential, fully protected virtual machine.

Ensure total confidentiality of your data in Snowflake: discover how Cosmian kms guarantees protection without compromising performance or user experience.

Reach out now for an instant trial.