Securely migrate existing encrypted messages to Gmail client-side encryption (CSE)

What’s changing 

Beginning today, you can migrate encrypted emails from other services like Microsoft 365, Microsoft Exchange, or Virtu, to Gmail client-side encryption in the S/MIME format. Specifically: 
S/MIME messages imported from other mail providers are now supported by Gmail CSE Virtru customers can use our migration utility to encrypt their plain-text archives from Vault or Takeout, and import them as S/MIME messages Customers can bulk-import any plain-text email archives into Gmail as S/MIME messages

Additional details

The Gmail CSE Migration Utility is available for Windows, Mac, and Linux and supports PST & Mbox file formats. 

Getting started 

Admins: Visit the Help Center to learn more about how to migrate messages to Gmail as client-side encrypted emails. Note: For the migration of S/MIME messages from Microsoft 365 or Microsoft Exchange to Gmail, the certificates must be the same as those present in Microsoft. You need to set up the Gmail API and Gmail CSE for your users using the same certificates present in the Microsoft service. After the Gmail accounts are configured with the S/MIME certificates, you can migrate messages from the Microsoft service into Gmail. End users: There is no end user action required. 

Rollout pace 

Web & Android: 
This feature is available now.
Rapid Release and Scheduled Release domains: Extended rollout (potentially longer than 15 days for feature visibility) starting on March 21, 2024 


Available to Google Workspace Enterprise Plus, Education Standard, and Education Plus customers