Protect Gmail messages with confidential mode (2024)

This article is for administrators. If you're a Gmail user, learn more about using Gmail confidential mode.

Gmail confidential mode is available in all Google Workspace editions.

With Gmail confidential mode, your users can help protect sensitive information from unauthorized or accidental sharing. Confidential mode messagesdon't have options to forward, copy, print, or download messages or attachments.

Confidential mode lets you:

Set a message expiration date
Revoke message access at any time
Require a verification code by text to open messages

Confidential mode messages can't be scheduled for sending.

Important: Confidential mode helps prevent recipients from accidentally sharing messages. Itcan't prevent recipients from takingscreenshots or photos of your messages or attachments. Recipientscan also use malicious software applications tocopy or download messages andattachments.

How Gmail processes confidential mode messages

Gmail removes the message body and any attachments from the recipient copy of a confidential mode message. Gmail replaces message content and attachments with a link to thecontent.

In Gmail, the linked content appears to be part of the message. Third-party email clients display a link in place of the message content.

Google Vault and confidential mode messages

Google Vault can hold, retain, search, and export all confidential mode messages sent by users in your domain. Vault can't access or read the content of confidential mode messages sent to your organization from external senders.If your domain uses Vault, carefully review how Vault handles confidential mode messages.

To support Vault's requirementto access confidential modemessages, Gmail attaches a copy of the confidentialmode contentto the recipient's message.

Here's what you should know about this copy:

It's attachedonly when the message sender and recipient are inthe same organization.
It'sonly available to Vault.
Senders and recipients cannot access the copy from Gmail.
Third-party mail archiving tools cannot access the copy.

To delete all copies of a confidential mode message, you must delete it from the sender account and all recipient accounts.

Third-party archiving tools and confidential mode messages

When a message is sent in Gmail confidential mode, Gmail replaces the message body and attachments with a link. Only the subject and link are sent, using SMTP.

If your domain uses third-party eDiscovery or archiving tools, Gmail confidential mode might conflict with your organization's eDiscovery and retention policies. Before enabling this feature,we recommend you discuss the impact with your eDiscovery administrators and other policymakers.

Turn Gmailconfidential mode on or off

Youcan turn Gmail confidential mode on or off for your entire domain, or for specific organizational units.When you disable confidential mode, users in your organization can'tsend Gmail messages in confidential mode.

To prevent users in your organization from receivingconfidential mode messages, set up a compliance rule toblock incoming confidential mode messages.

To turn Gmail confidential mode on or off for your organization:

Sign in to your GoogleAdminconsole.
Sign in using your administrator account (does not end in @gmail.com).
In the Admin console, go to MenuAppsGoogle WorkspaceGmailUser settings.
In User settings, scroll to Confidential mode.
Uncheck or check the Enable confidential mode box.
Save your changes.

Changes can take up to 24 hours but typically happen more quickly.Learn more

To turn Gmail confidential mode on or off for an organizational unit:

Sign in to your GoogleAdminconsole.
Sign in using your administrator account (does not end in @gmail.com).
In the Admin console, go to MenuAppsGoogle WorkspaceGmailUser settings.
On the left, select the organizational unit.
Scroll to Confidential mode and uncheck or check the Enable confidential mode box.
Click Save.

Changes can take up to 24 hours but typically happen more quickly.Learn more

Block incomingconfidential mode messages

To create a compliance rule to block incoming confidential mode messages fromyour domain, follow the instructions in this section.

Note: For detailed information about creating compliance rules for all types of content,see Set up rules for content compliance.

How messages trigger compliance rules

Compliance rules you've defined affect Gmail confidential mode messages in these ways:

Outgoingmessages are subject to any compliance rules defined for messagesubject, body, and attachments.
Outgoing messages that match compliance rules toremove attachments aren't sent. The sender gets a bounce message.
Incoming messages are checked, but only the message header (including subject)is scanned.

How confidential mode messages are quarantined

Gmail confidential mode messages are quarantined in these ways:

Incoming messages in confidential mode are sent to Admin quarantine, but only the message header is scanned.
Outgoing messages in confidential mode aren't sent toAdmin quarantine. They're rejected and the sender receives a bounce message.

To block incoming confidential mode messages:

Sign in to your GoogleAdminconsole.
Sign in using your administrator account (does not end in @gmail.com).
In the Admin console, go to MenuAppsGoogle WorkspaceGmailCompliance.
Point to the Content compliance setting and clickConfigure. If you already set up compliance rules for other types of mail, point toany rule and clickAdd another rule.
The Add setting dialog appears, where you'll enter a name, select the message type to match, and define what action to take based on the message.
In the Add setting dialog, enter the following information:
- Enter a name for the rule.
- In the Email messages to affect, check the Inbound box.
- From Add expressions, chooseIf any of the following match the message.
- In Expressions, clickAdd, and then selectMetadata match.
- From the Attribute drop-down, chooseGmail confidential mode, and for Match type, chooseMessage is in Gmail Confidential mode.
- Click Save.
In the next section, which identifies what to do if the expressions match, choose Reject message.
(Optional) Enter a customrejection message that is automatically sent to the blocked message sender.
Click Save.

Changes can take up to 24 hours but typically happen more quickly.Learn more

Was this helpful?

How can we improve it?

Need more help?

Try these next steps:

Post to the help community Get answers from community members Contact us Tell us more and we’ll help you get there

Start your free 14-day trial today

Professional email, online storage, shared calendars, video meetings and more. Start your free Google Workspace trial today.