Restricted view allows for more control
By default, Gmail users won’t have to go through this restricted Gmail experience, and emails will automatically decrypt when they arrive in their inbox if they are the intended recipients. However, administrators can choose to enforce the restricted Gmail view for everyone, including Gmail users, to ensure sensitive communications are not downloaded locally on third-party servers or devices.
Because this option requires authentication with an approved account and identity provider, organizations can easily revoke access and apply additional security policies. Google describes this experience as similar to a shared document stored in Google Drive.
“At a structural level, this approach offers more comprehensive encryption protection,” Julien Duplant, product manager at Google Workspace, told CSO. “It doesn’t matter who you send a message to or what email they are using; your message will be encrypted, and you are in sole control. There’s just one set of keys, and you’re the only one who has them.”