Previously available in beta, client-side encryption (CSE) customers can now conduct bulk migrations of sensitive files from both cloud and on-premises data sources. This process ensures confidential content is wrapped with customer-managed keys before it's imported into Google Workspace. Using this tooling, CSE customers can decommission their legacy third-party storage while ensuring the CSE model is in place throughout the document lifecycle. The API is highly configurable, we share a generalized sample code to make deployment simple, but customers can further customize it depending on their needs.Getting startedAdmins: This feature will be ON by default for customers. Admins or authorized users will need to call the Drive API to leverage the feature. Visit the Help Center to learn more.End users: There is no end-user setting in Drive for this feature.Rollout paceRapid Release and Scheduled Release domains: Available nowAvailabilityEnterprise: Enterprise PlusEducation: Education Standard and PlusOther Editions: Frontline PlusResourcesGoogle Workspace: Google Drive API overviewGoogle Workspace: Manage client-side encrypted files with the Drive APIGoogle Workspace: Best practices for bulk importing client-side encrypted filesCode sample: GitHub, PyPIKeyword: Import sensitive external files to Google Drive with client-side encryption using the Drive API, launching in betaKnowledge: About client-side encryption