Gmail users can now protect their information from unauthorized access using Gmail confidential mode. Google will be launching Gmail Confidential Mode for G Suite users on June 25, 2019 and all G Suite users will have the ability to send emails with confidential mode. When the user sends a confidential mode mail, Gmail removes the mail body and any attachments from the recipient's copy of the mail. These are replaced with a link to the content. Gmail clients make the linked content appear as if it's part of the mail. Recipients of the email in confidential mode will not have the option to forward, copy, print, or download mails. Users can also set an expiration date for their emails, it will revoke the email access at any time, and require an SMS verification code to access mail.





Enable Gmail confidential mode

G Suite administrator can enable or disable Gmail confidential mode for the entire domain or for specific organizational units. If Gmail confidential mode feature is disabled, then it will prevent users from sending messages in confidential mode. If you want to block all incoming mails in confidential mode, set up a compliance rule to block incoming mails.

To Enable Gmail confidential mode for your domain:

Login to your Google Admin console. From Admin console Home page, go to Apps ➔ G Suite ➔ Gmail. In User settings, check the Enable confidential mode box. Click Save.









To Enable Gmail confidential mode for an organizational unit:

Login to your Google Admin console. From Admin console Home page, go to Apps ➔ G Suite ➔ Gmail. On the left, select the desired organizational unit. Click on User settings, then select the desired organizational unit at the left side of the window. Check the Enable confidential mode box. Click Save.

Define rules to handle confidential mode mails

You can specify what action to take on incoming or outgoing Gmail confidential mode mails by creating compliance rules.

How compliance rules trigger on mails

Outgoing emails associated with a compliance rule to remove attachments are rejected, and the sender receives a bounce back.

Incoming emails in confidential mode are checked, but only the mail header and subject are scanned.

How confidential mode mails are quarantined

Outgoing emails in confidential mode do not go to the Admin quarantine. They are directly rejected and the sender receives a bounce back.

Incoming emails in confidential mode go to the Admin quarantine, but only the mail header is scanned.

Create a compliance rule to block incoming mails

Steps to create a compliance rule to block incoming mails in confidential mode from your domain.

Login to your Google Admin console. From Admin console Home page, go to Apps ➔ G Suite ➔ Gmail➔Advanced settings. In the Compliance section, click Content compliance. On the Content compliance setting, Click Configure. The Add setting dialog appears, where you have to enter a name, select the mail type to match, and define what action to take based on the mail. In Add setting dialog, enter the following information:

➛Enter a name for the rule.

➛In the mail to affect, check the Inbound box.

➛From Add expressions, choose If any of the following match the mail.

➛Click Add then select Metadata match.

➛From the Attribute section choose Gmail confidential mode

➛Then choose Message is in Gmail Confidential mode.

➛Click Save.









In the next section, choose Reject message ( if expressions match) Enter a customized rejection notice, which will be directed back to the sender. Click Add setting.











