Google has taken another step in its stance against NSA surveillance on Thursday, promising to use an encrypted HTTPS connection every time a Gmail user checks or sends an email.
Gmail made HTTPS encryption the default in 2010, but this announcement means that no one will be able to “listen in” to messages as they travel from users to Gmail servers.
Last year, reports surfaced that unencrypted data packets passing through the fiber linkages between private data centers could be intercepted by government spies without data center operators knowing, enabling the government to access millions of records daily from internal Yahoo and Google networks. To address this, Gmail now encrypts messages moving internally as well as they move between Google’s own data centers.
For cloud services, including email, security is a major user concern. Service providers are in a unique position to offer customers assurance, and a new Microsoft study shows that users are willing to pay for it. According to Microsoft, 60 percent of customers would pay their hosting service provider a 26 percent premium on average for security guarantees
Last year, Gmail was available 99.97 percent of the time, which averages to less than 2 hours of disruption for a user the entire year. Earlier this week, Google Talk and Google+ went down for around 3 hours.
Two-factor authentication is becoming a preferred way of securing online services like email, though it isn’t perfect. Recently, a new website was launched to help users determine at a glance which online services use two-factor authentication.