Sending emails securely is a must in today’s age, and to that effect, the end-to-end encryption provided by Gmail confidential mode has been a welcome move. But on closer look, this feature appears to be no more than a marketing strategy. On the other hand, document DRM is a well-known and approved method of protecting confidential information, sharing documents securely with third parties, and tracking document usage to identify breaches. So let’s compare the two technologies — Gmail confidential mode versus document DRM to see how they stack against each other.
Gmail confidential mode
Gmail’s confidential mode does not employ standard email protocols in delivering messages. Rather, the message is hosted on a Google server, which means that even though Gmail protects confidential emails, the email recipients must click a link to see the message in their browser. This aspect was introduced to help preserve classified data from being shared accidentally or without the sender’s consent. In addition, in confidential mode, recipients (in theory) are not given the option of forwarding, copying, printing, or downloading the content or attachments.
Within Gmail’s confidential mode, the sender can set down an expiration date for the email, revoke content access, and request a verification code by text to open emails. However, there are several drawbacks to this method.
Since the messages sent or received through confidential mode are not actually emails but links, one can forward these links to other parties. So while only an intended recipient can successfully open the link, if an unintended recipient receives the forwarded link, Google will prompt them for their username and password. This could invite link-baiting or phishing attacks to lure people into revealing their login data.
For example, let’s say a confidential mode email has been forwarded. The intended user can only view the message by clicking on the provided link. In the event of a phishing attack, the victim arrives on the linked page, which is a Google login page that requests their Gmail login details. Once the victim enters those details, hackers can capture the data they need to compromise the Gmail account of the victim.
Then there are the protection controls that don’t amount to much. Although Gmail confidential mode does not allow the copying, forwarding, printing, or downloading of content, you can easily bypass the printing, downloading, and copying controls by:
- ticking a few boxes in Firefox’s style editor.
- use the “save page as” button in your browser to download the email’s contents.
These methods automatically remove the expiry controls as well since they are dependent on you opening the email in Gmail. You can also take screenshots of emails that can then be copied and forwarded, printed, or downloaded. And lastly, attachments are not protected – as a sender, you are prompted to select between confidential mode or the attachment.
Another area of contention is that Google has not made any explicit claims whether emails and phone numbers are deleted from its servers after expiry. Hence, it could be safe to assume that Google retains information indefinitely.
Regarding compliance, Gmail confidential mode also raises some eyebrows. For instance, if you are an enterprise employee using regular Gmail, you could be guilty of retaining company email. On the other hand, Gmail in G Suite enables compliance at the cost of user privacy. You can use Google Vault to view emails even after expiry. Therefore, standard Gmail does not comply with the enterprise scenario, while Gmail in G Suite does not adhere to privacy.
Gmail confidential mode is an easy way of maintaining a brief amount of control over the emails you send. However, it is not secure. Given its numerous limitations from a usability and security point of view, it is evident that it does not address the sending and protection of highly-sensitive data.
To ensure that your messages and documents remain secure, you need proper document security, such as document DRM that provides you with complete control over who can access sensitive data and how.
Document digital rights management [DRM]
DRM is a proven set of copy protection controls that enables you to control not only who can access your content but also what the user can do with it. With document DRM, you can protect, track and manage sensitive data even after distribution. For example, suppose you’re looking to safeguard important, classified business information against intellectual property theft, piracy, data breaches, and leakage. In that case, you need to control what users can access your documents and prevent content from being copied and shared. Document DRM enables you to:
- Stop sharing – documents are locked to users’ machines so they will not open if copied to another device
- Stop copying – content cannot be selected and copied
- Block screenshots – prevent screen grabbing utilities from taking high-quality screenshots
- Disable printing
- Automatically expire documents
- Revoke access at any time
With document DRM, you can protect your documents against unauthorized distribution and copying regardless of where they are located.
Document DRM eliminates the unauthorized sharing of your protected data by preventing the taking of screenshots, printing of your intellectual property, copying classified content, and downloading the material without your permission. Furthermore, you can instantly revoke or restrict access at any time after sending the data and even set down maximum access counts.
Given growing regulations and legal mandates surrounding compliance, it is crucial to adequately secure your sensitive documents and corporate files. With document DRM, you can efficiently manage your confidential information throughout its lifecycle, from creation to sharing and deletion.
In the absence of end-to-end encryption, Gmail Confidential Mode is a mere marketing strategy created to pacify users around the subject of privacy. Thankfully, you have document DRM to secure your communications, PDF attachments, and confidential documents.