Virtru Private Keystore for Google Workspace Client-Side Encryption
Virtru is an encryption key management partner for data-centric security across Google Workspace CSE, including S/MIME for Gmail.
Virtru is an encryption key management partner for data-centric security across Google Workspace CSE, including S/MIME for Gmail.
Virtru is a key management partner for Google Workspace CSE. Unlike other CSE key partners, Virtru enables you to encrypt your data and also apply automatic access controls based on your custom labels, ensuring your data remains protected against unauthorized access, regardless of its location within your system.
/Partner%20of%20the%20Year%20Google.webp)
Virtru was named a 2024 Google Cloud Partner of the Year in Industry Solutions - Technology for Government and Education.
Google and other third parties cannot decrypt or view your data.
Rest easy knowing your files are protected by end-to-end encryption.
Create automatic data security policies for all data stored in Google Workspace.
Advance your Zero Trust data control and security initiatives.
Manage your own keys on-premises or in a private or public cloud.
As a longtime Google partner, Virtru is your guide to securing data that flows into and out of your Google ecosystem.
“Virtru is proud to be Google Workspace’s first recommended data protection partner and to have helped architect Google’s Client-Side Encryption capability with Google, in concert with our strategic enterprise partners. We are thrilled that Google Workspace Client-Side Encryption has become generally available for enterprises worldwide, and to include other partners in this open and extensible ecosystem."
John Ackerly
CEO
User creates a new Google Workspace CSE Document.
Document encryption key (DEK) is generated locally within the user's browser.
DEK is sent to customer-hosted CSE server, which creates an access control policy. DEK is then wrapped with a second encryption key (CSE key).
The wrapped DEK is sent to Google for storage alongside the encrypted document. Meanwhile, the CSE key never leaves the customer's server, so Google can never access it.
User attempts to open a Google Workspace CSE document, and a wrapped Document Encryption Key (DEK) is sent to the CSE server.
CSE server checks to see if policy is active whether the user is authorized to access the document.
If policy is active and user is authorized, CSE decrypts (unwraps) the DEK.
Decrypted DEK is sent to the browser to decrypt the content for seamless, secure collaboration.
Virtru's data protection empowers users to encrypt sensitive information with one click, directly within their Google interface:
Extend Zero Trust data control across your Google SaaS ecosystem. Book a demo with our team to see how simple it can be to get started.
6,700+ CUSTOMERS TRUST VIRTRU FOR DATA SECURITY AND PRIVACY PROTECTION.
