NORTH AMERICA:  
800 707 4492
UK & EUROPE:  
+44 (0) 1292 430290
sales@locklizard.com
Locklizard
  • Products
    • Our DRM software
      • Product Overview
        • Restrict PDF use
        • Watermark PDF
        • Expire PDF
        • Revoke PDF
        • Disable Print
        • Track PDF
      • Safeguard PDF Security
      • Safeguard Enterprise
    • Secure PDF Viewers
      • Viewer Overview
      • Viewer Demo
      • Web Viewer
      • USB Viewer
    • Add-ons
      • All Add-ons
      • Web Publisher
      • Safeguard Portable USB
      • Ecommerce API
      • Command Line
      • Own Branding
      • Custom Email
    • Purchase
    • Book a Demo
  • Solutions
    • Industry sectors
      • All Industries
      • Auctions
      • Engineering
      • Government
      • Healthcare
      • Libraries
      • Mergers & Acquisitions
      • Publishing Ebooks
      • Publishing Media
      • Publishing Standards
      • Membership Associations
      • Reports & Analysis
      • Tax Advisors
      • Training & Education
    • Vertical sectors
      • All Sectors
      • Board Documents
      • Internal Company Use
      • Large Publishers
      • Small Publishers
    • Business processes
      • Processes Overview
      • Secure Document Sharing
      • Sell Documents Securely
      • Document Retention
      • Prevent Document Leakage
      • Internal Document Control
      • Regulatory Compliance
      • Secure PDF Forms
      • Secure Data Rooms
      • Data Room Security
      • Application Integration
    • Business benefits
    • Regulatory compliance
      • Compliance Overview
      • NIST & DFAR Compliance
  • Downloads
    • Free 15 day trial
    • Viewers
      • Windows Viewer
      • Mac Viewer
      • iOS Viewer
      • Android Viewer
    • Writers
    • Manuals
  • Support
    • Support
    • FAQs
    • Guides
    • Videos
    • White papers
  • About Us
    • Contact us
    • Our customers
      • Customer Overiew
      • Case Studies
      • Testimonials
    • Our technology
    • Blog
    • Why Locklizard?
      • Competitors
      • PDF DRM protection
      • Password protect PDF
      • Product Awards
  • Search
  • Menu Menu

Gmail “Confidential” Mode and Google Docs vs Document DRM for security

in Blog, Document Security, DRM, PDF Security

Gmail confidential mode’s fatal security flaw & why document DRM is better

Gmail’s confidential mode is meant to protect sensitive information from sharing, but like Google Docs, its security is trivial to bypass.  Here we show why, privacy implications, and what secure alternatives there are for businesses.

  What is Confidential mode in Gmail?

Gmail’s Confidential mode was released in late 2019 and was immediately billed as a way to make emails more private and secure (beyond the basic TLS encryption).  That assumption still exists today, and it’s not surprising — after all, you would expect something labeled “confidential” to keep your documents safe.

In reality, the strange implementation of Confidential mode in some ways makes it less private, rather than more.  First, let’s take a look at what Google says about Confidential mode:

With Gmail confidential mode, your users can help protect sensitive information from unauthorized or accidental sharing. Confidential mode messages don’t have options to forward, copy, print, or download messages or attachments.

Confidential mode lets you:
– Set a message expiration date
– Revoke message access at any time
– Require a verification code by text to open messages

Sounds promising, right?  Confidential mode can be a useful feature if used correctly.  However, Google itself admits that despite removing the copying, printing, or downloading options, it doesn’t stop a user from performing them.

  How secure is Confidential mode?

While yes, Confidential mode removes the options to perform these actions in the Gmail client, Google admits that it doesn’t stop recipients from taking screenshots of a message or attachment or using a “malicious tool” to copy or download them.

To be clear, Google’s definition of a malicious tool here is a very broad one.  By malicious tool, the company means any application that can open its emails but aren’t under its control.  For example, you can trivially bypass the printing, downloading, expiry, and copying controls by:

  1. ticking a few boxes in Firefox’s style editor.
  2. using the “save page as” button in your browser to download the email’s contents.

These methods automatically remove all controls, as the protection is dependent on you opening the email in Gmail.  Attachments are not protected to begin with.

In practice, this means that at its best confidential mode only protects against non-technical users.  At worst, it actively reduces security by creating a false sense of it.  Confidential mode emails are not encrypted end-to-end, yet users may see them as a replacement for more effective security measures.

It also raises the question of privacy.  Despite its “Confidential” branding, the lack of end-to-end encryption means that the feature doesn’t hide anything from Google.  The company can potentially read and store your emails for as long as they want, no matter the expiry date you set.  Indeed, we know for a fact that emails hang around after expiry because they long live on in the “Sent” folder.

  A word on encrypted emails


So, if not confidential mode, what should you be using to secure business emails?  Recently, there has been a rise in users utilizing end-to-end encrypted email services.  By using pairs of private and public keys, such email services ensure that emails can only be opened by the account of their intended recipient.  It also means that the email provider will be unable to read or store your emails.

Unfortunately, the protection this encryption provides doesn’t apply to documents.  While yes, you’re making it harder for attackers to intercept an email in transit, that isn’t the primary way documents leak.  You need to be able to prevent misuse after the recipient downloads and opens your file.

If you don’t trust a recipient 100%, which is nearly always the case, you can’t be sure they won’t just download the unprotected attachment and share it.  If you’re sharing documents securely as a product, this is even more likely, with piracy rampant in the e-book market and beyond.

  What about Google Docs security?

Hold on, you might be thinking.  Google already has document protection in the form of Google Docs.  Why can’t I just embed a Google Doc in my email and call it a day?

Google Docs does include some rudimentary document protection (but no expiry) by only allowing access to certain Google accounts and disabling the option, to download, print, and copy.  However, there are several issues with its implementation.

The thing to understand about Google Docs is that it is a browser-based tool.  Though there has been a trend toward web apps in recent years, the problem with this approach is that a browser simply can’t exert the same level of control over a user’s system and activities as an application can.  In fact, browsers are designed to be manipulated for web development purposes, and you’d better believe that Google Docs can be manipulated, too.

At its core, Google Docs uses JavaScript to enforce its controls, which you can bypass by appending “/mobilebasic” to your URL and then disabling JavaScript in the developer console.  Users can then copy and paste the contents into a new Google Doc to use as they like.

Google also makes no attempt to stop users from using their browser’s print function (Ctrl + P) to print to a PDF, or from taking a high-quality screenshot.

Finally, assuming that all of these flaws are suddenly fixed (which is not really possible in the browser) a user can still leak a document by sharing their account details with someone else.

   Document DRM

So how do you protect your document in transit and at rest, while also preventing unauthorized sharing?  The answer is document DRM.

With a DRM solution like Locklizard Safeguard, the document is end-to-end encrypted before it’s sent to any users.  The recipient is sent a license file in advance.  This license key can only be activated on one machine and is required to obtain the decryption keys for the document.  Once the decryption keys are securely transmitted, they are stored in an encrypted keystore that the recipient cannot access or share.  Therefore, only authorized users can open the PDF.

Meanwhile, the viewer application can enforce printing, revocation, and expiry controls that actually work.  With a secure implementation and no ability to install plugins or open developer mode, users have no route to bypass them.  It additionally includes the following functionality:

  • prevents copying and pasting into other applications
  • stops editing and modification of content
  • prevents printing
  • blocks screenshots
  • restricts access to devices to prevent sharing
  • restricts access to locations to control BYOD use
  • enables limited and degraded printing while preventing printing to PDF
  • expire the document after a certain date or number of uses
  • revoke user access remotely at any time
  • logging of document views and prints
  • add irremovable watermarks that are automatically populated with identifying user information at view/print time

  How to encrypt & send a secure PDF via gmail using Locklizard

Here’s how to create a secure PDF file with encryption and DRM controls, and send a secure PDF via gmail (as a secure PDF attachment) using Safeguard PDF DRM.

  Create your DRM encrypted PDF

  1. Right-click on your PDF and select “Make secure PDF”.
  2. Open the “Document Access” tab and choose “Selected customers”.
  3. Choose the DRM controls you want to enforce.

    Creating a secure PDF file using Locklizard Safeguard PDF DRM

    Move through the tabs of Safeguard PDF Writer and add any DRM controls you want to add to your document.  By default, Locklizard secure PDF files cannot be edited, copied and pasted, printed, or saved as unprotected PDF files.  If you enable printing, then users cannot print to file drivers such as PDF and other unprotected file formats (otherwise they could easily remove the security).

  4. Press the “Publish” button at the bottom of the dialog to protect the PDF file.  The PDF will be encrypted using AES 256-bit encryption and the DRM controls applied.
  5. To grant a user access to it, log in to the Safeguard Admin portal.
  6. Open the “Customers” tab and press “Add” in the sidebar.
  7. Enter the user information and click on the “Set Document Access” link in the “Manage Access” section.
  8. Select your document and press “OK”.
  9. Press the “Add” button on the customer account.

    Keep the “Email license” checkbox checked to have the license file emailed to the user’s email address that you have entered.  The user will be sent an email with their license key and instructions on how to download the secure PDF viewer software.  You can also choose to untick ‘Email license’ if you’d like to share this information with them via other means.

  Securely send your PDF using Gmail

Once users have installed the secure Viewer software and clicked on their license file to activate it, you can securely send PDF file attachments to them via gmail.

To do this, select the protected PDF file (.PDC file) and attach it to your email message.

Emailing a secure PDF attachment using Gmail that has been protected with Safeguard PDF Security

Of course, you can also send the PDF attachment using a different email client, or share the protected PDF file via your favorite workplace chat app, cloud storage, or another document-sharing solution.  As only the recipient has authorized access, nobody else will be able to open the secure PDF document.

If you want to prevent users from opening the secure PDF file outside certain locations (such as the office) you can add country and IP restrictions in the Safeguard Admin portal.

   The best choice for confidential document distribution


While Safeguard DRM isn’t a replacement for end-to-end email encryption (you still have to protect the text in the body of your email after all) it can work excellently in tandem with it.  Together, they can provide an email experience that’s truly confidential – and not just meaningless buzzwords.

If your business needs the best solution for protecting documents from unauthorized disclosure, take a free 15-day trial of our PDF DRM software.

  FAQs

Is Gmail encrypted?

Gmail uses TLS to provide encryption of emails and attachments during transit.  So as long as the person you email is also using a mail service that uses TLS then no one should be able to intercept them en route.  However, once the email reaches the destination mail server, it is stored in clear text.

If you want to ensure only the intended recipient can view it, then you need to use end-to-end encryption – there are many companies that provide secure email software and services.  Alternatively, you can encrypt attachments using a separate file encryption application such as PGP, or add encryption and DRM to PDF files using Safeguard PDF Security.

Can Google read my email messages?

Yes, they are NOT stored encrypted on the mail server but held in plain text.

Can you send a password protected PDF in Gmail?

In short, yes – but it is not very secure:

  • Weak passwords can be easily cracked using password removal tools – so you need to use a strong password, which has to be remembered.
  • You have to find a secure way to transmit the password to the user(s) that need to open it.
  • Once recipients have the password they can remove it or share it with others.
  • Any permissions or restrictions you apply, such as preventing editing or printing, can be instantly removed using free online tools.
Can you send a secure email in Gmail?

It depends on what you mean by secure.

  • If you want only the intended recipient to view your email then an email service that provides end-to-end encryption is more secure.
  • If you want to control what users can do with content (copy, edit, print, etc.) then you need a DRM solution.
Can I send a confidential email in Gmail?

Yes, but for the reasons outlined above, it is not recommended, especially for business use.  Users can easily bypass confidential mode by using Firefox’s style editor or using the “save page as” button in the browser to download the email’s contents.

 

Tags: best way to securely share documents, document drm, email document securely, email drm, email encryption, email pdf securely, encrypt a pdf file for email, encrypted pdf, gmail confidential mode, gmail encryption, gmail security, google docs, google docs security, Is sending a PDF via email secure?, protect confidential documents, protect sensitive information, send secure pdf via email
Share this entry
  • Share on Facebook
  • Share on Twitter
  • Share on WhatsApp
  • Share on Pinterest
  • Share on LinkedIn
  • Share on Tumblr
  • Share on Reddit
  • Share by Mail
https://www.locklizard.com/wp-content/uploads/2022/07/gmail-vs-doc-DRM-2a.png 288 479 Ryan Maskell /wp-content/uploads/2015/02/logo.png Ryan Maskell2022-07-20 15:28:522023-01-27 09:23:32Gmail “Confidential” Mode and Google Docs vs Document DRM for security

Free Trial

“Fantastic product… outstanding support.”

“We would recommend Locklizard to others”

“The clear leader for PDF DRM protection”

“Our ebook sales have gone through the roof”

“Simple & secure – protects IPR from theft”

Trusted by:

Protect IPR

See why thousands of companies use Locklizard to safeguard their documents and increase revenue streams.

  • Our Customers
  • Customer Testimonials
  • Customer Case Studies
  • Locklizard vs Competitors

Latest Posts

  • Amazon DRM & Kindle publishing is penalizing authorsMarch 10, 2023 - 6:51 pm
  • Adobe Experience Manager & Cloud Document SecurityFebruary 28, 2023 - 7:38 pm
  • How to prevent users removing security from PDF filesFebruary 20, 2023 - 7:40 pm
  • How to protect a Word document without a passwordFebruary 10, 2023 - 6:25 pm
  • Using Dynamic Watermarks to Protect DocumentsJanuary 31, 2023 - 7:13 pm
PDF DRM Features
  • Protect PDF files
  • Stop PDF sharing
  • Stop PDF copying
  • Restrict PDF editing
  • Add PDF watermarks
  • Disable PDF printing
  • Stop screenshots
  • Expire PDF files
  • Revoke PDF files
  • Lock PDF to devices
  • Lock PDF to IP
  • Track PDF opens

How To Guides

Prevent PDF security removal
Protect Word without password
Add a dynamic watermark
Password protect Google Doc
Add a watermark in Word
Make a PDF non editable
How to create a stamped PDF
How to prevent ebook piracy
Password protect a Word doc
How to protect a PDF securely
How to revoke document access
Change PDF security settings
How to disable printing of PDFs
Sell online courses securely
How to add security to a PDF
Encrypt a PDF without Acrobat
Share documents securely
How to prevent PDF sharing
Protect confidential documents
How to publish ebooks securely
How to restrict PDF editing
How to password protect a PDF
How to protect ebooks
How to sell Reports securely
How to make a PDF read only
How to send a PDF securely
How to watermark a PDF
How to lock a PDF from editing
How to encrypt a PDF
How to make a PDF expire
How to password protect a PDF
How to protect online courses
How to email a PDF securely

Try Safeguard today

Start protecting your PDF files and documents from sharing & piracy

PRODUCTS

Product Overview
Safeguard
Safeguard Enterprise

Add-ons

  • eCommerce API
  • Command Line
  • USB Protect
  • Web Publisher
  • Own Branding
  • Custom Email

Secure PDF Viewers

  • Web Viewer
  • USB Viewer

SECURITY FEATURES

Stop copying, editing, saving
Disable PDF Prints
Block Screenshots
Disable Copy Paste
Dynamic Watermarks
Expiry & Self Destruct
Revoke Documents
Device Locking
Location Locking
Track PDF Use

PRICING

Purchase & Pricing
Instant Quote

RESOURCES

FAQs
Locklizard Blog
Knowledgebase
Security Guides
White Papers
Viewer Demo
Videos

DOWNLOADS

Secure Viewers

  • Windows
  • Mac OS X
  • iOS
  • Android

Writers
Product Manuals
FREE Trial

DOCUMENT SECURITY

Share Documents Securely
Protect Online Courses
Stop Ebook Piracy
Document Encryption
Secure PDF Distribution
Protect Confidential Documents
Ebook DRM

Protect PDF Files

  • PDF Copy Protection
  • Lock PDF files
  • Encrypt PDF
  • Secure PDF
  • PDF DRM

INDUSTRY SECTORS

Training & Elearning
Publishing Ebooks
Publishing Standards
Online Libraries
Membership Associations
Engineering
Government
Healthcare
Mergers & Acquisitions
Secure Reports From Theft

  ABOUT US

About Us
Our DRM Technology

Customers

  • Case Studies
  • Testimonials

Locklizard vs Competitors

  • Secure Data Rooms

Company Brochure

  CONTACT

sales@locklizard.com
support@locklizard.com

Business Hours:
Mon – Fri: 8AM to 5PM EST
Tel (US): +1 800 707 4492
Tel (UK): +44 (0)1292 430290

© Copyright 2004-2022 Locklizard Limited. All rights reserved.Privacy Policy|GDPR Policy|Cookie Policy|SITE MAP

Scroll to top