Confidential mode was one of the security features introduced as part of Gmail’s big Material Theme redesign on the web last year. It launched for consumers first, and is coming to all enterprise G Suite users next month.
With confidential mode, forwarding, copying, printing, and downloading messages is disabled by default. Senders can add an expiration date to emails that range from one day for five years. To counter account hijacking, recipient can also be required to authenticate themselves via an SMS passcode before reading.
Google began a beta program for G Suite customers in March that allowed admins to trial feature for their domain. There are also special considerations for maintaining records through Google Vault.
When a user sends a confidential message, Gmail replaces the message body and attachments with a link. Only the subject and body containing the link are sent via SMTP. This means that if your users send or receive messages in Gmail confidential mode, Vault will retain, preserve, search and export confidential mode messages. The message body of received messages will be accessible in Vault only if the sender of the message is from within your organization.
Starting June 25th, confidential mode will become generally available and enabled by default for all domains. The option to disable is available for administrators. At the moment, admins have three preferences in Apps > G Suite > Settings for Gmail > User settings:
- Disable: This option will prevent users in your domain from sending emails with confidential mode.
- Enable now (beta): This option will enable confidential mode, which is currently in beta. The feature will remain enabled when it enters into general availability on June 25, 2019.
- Enable when the feature is in general availability: This is the default option and will enable confidential mode when this feature becomes generally available on June 25, 2019.