Keep your Gmail transmissions secure

Set Google's mail service to encrypt all connections to your in-box.

Dennis O'Reilly Former CNET contributor

Dennis O'Reilly began writing about workplace technology as an editor for Ziff-Davis' Computer Select, back when CDs were new-fangled, and IBM's PC XT was wowing the crowds at Comdex. He spent more than seven years running PC World's award-winning Here's How section, beginning in 2000. O'Reilly has written about everything from web search to PC security to Microsoft Excel customizations. Along with designing, building, and managing several different web sites, Dennis created the Travel Reference Library, a database of travel guidebook reviews that was converted to the web in 1996 and operated through 2000.

See full bio

Dennis O'Reilly

Aug. 1, 2008 9:29 a.m. PT

2 min read

When I mentioned in a post last week that I forward select messages from my office Microsoft Exchange account to Gmail, several people claimed that this puts the company's data at risk.

I failed to point out that the information in the messages was not at all sensitive: no invoices, strategic plans, credit-card numbers, customer records, etc.

But what if I had needed to access private information from this account on a system other than Outlook? Assuming that no company can be trusted, how could I use Gmail without worrying about security?

One part of the problem was addressed when Gmail began supporting HTTPS connections. Well, Google claims that Gmail has always supported HTTPS, but you had to add the "s" to the URL prefix manually to access the encrypted version of the service, and log in at "https://mail.google.com," not "https://www.gmail.com." (Note that Google Calendar also supports HTTPS.)

Now Gmail lets you encrypt all your connections to the service via a simple settings change. To secure your e-mail transmissions, click Settings in the top-right corner of the main Gmail page, scroll down to "Browser connection" at the bottom of the window, select "Always use https," and click Save Changes. The next time you open your Gmail in-box, the transmissions will be encrypted.

The "Browser connection" section of Gmail's Settings dialog — Make all your Gmail connections encrypted by choosing "Always use https" in Gmail's Settings dialog. Google

The Gmail Help Center states that encrypting connections may slow down your page loads, but this is a small price to pay to secure your e-mail link, especially when you're computing in the great outdoors, whether using your own laptop or a public PC.

But does this truly secure your data? There are several Firefox add-ons that encrypt messages and attachments sent and received via Gmail. One of these is Gmail S/MIME by Richard Jones and Sean Leonard. Gina Trapani's Better Gmail includes encryption among many other useful Gmail enhancements.

Even these measures won't be sufficient to convince some people to trust Gmail specifically or Google generally. Nearly all of my remote connections to the office servers are made over a VPN link. When in doubt--even a little bit of doubt--encrypt.

Services and Software Guides

VPN

Cybersecurity

Streaming Services

Web Hosting & Websites

Other Services & Software

Services and Software Coupons