Reporter 
Sign-ups are open now and until 20 January 2023. The beta program is not yet available for individual accounts.
“Google Workspace already uses the latest cryptographic standards to encrypt all data at rest and in transit between our facilities,” Google said in its announcement. “Client-side encryption helps strengthen the confidentiality of your data while helping to address a broad range of data sovereignty and compliance needs.”
Once admins are accepted into the beta, the new encryption can be enabled via Admin console > Security > Access and data control > Client-side encryption, and can be enabled at domain, OU, and Group levels.
On the end-user side of things, users can simply click the lock logo on an email, select “Additional Encryption” in the drop-down, and then compose and send their emails normally. The subject line and recipients are not encrypted, however. The body of the email, included embedded images, is encrypted, as are attachments.
The key strength of client-side encryption is that it can be used with an organisation’s own keys. The encryption also occurs before the email is sent or stored in Google’s cloud storage — not even Google can access the data, the company claims.
Admins can also choose which users have access to the functionality.
Google suggests that any company working with important intellectual property should take advantage of its client-side encryption, as well as companies working in particularly regulated industries such as aerospace and defence, or government.