🔑 Key Takeaways
- Virtru adds client-side encryption to Gmail and Outlook via extension in minutes, not weeks.
- The proprietary TDF format supports revocation and expiration that S/MIME and PGP cannot match.
- Pricing runs free personal, Pro at about $79 per user yearly, and custom Enterprise with DLP.
- The Pro tier BAA covers Virtru servers but not the underlying Gmail or Outlook mailbox itself.
- Reviews praise setup speed and post-send controls; recipient Secure Reader is the top friction.
Virtru email encryption is one of the most widely adopted client-side encryption products in the small and mid-market segment. The service plugs into Gmail and Outlook through a browser extension or add-in and encrypts messages on the sender’s device before they leave the mail client.
This guide covers how virtru email encryption works, what it costs, and where it fits. Sections address pricing tiers, HIPAA coverage, the proprietary Trusted Data Format, review sentiment, and honest deployment trade-offs.
The material is aimed at IT decision makers evaluating Virtru against alternatives. Every section reflects Virtru documentation, published pricing on the Virtru site, and aggregated review sentiment from Gartner Peer Insights, G2, and TrustRadius.
How Virtru Email Encryption Works
Virtru installs as a browser extension for Gmail and as an add-in for Outlook. Once installed, the compose window in either application displays a Virtru toggle above the message body.
Enabling the toggle before Send encrypts the outbound message using Virtru’s Trusted Data Format. The message body and attachments are wrapped in a TDF container that includes policy metadata and references to encryption keys held on Virtru servers.
The recipient receives an email with a Secure Reader link. Clicking the link opens the Virtru Secure Reader in a browser and displays the decrypted content. First-time recipients complete a short verification flow. Returning recipients read directly.
The sender can also enable post-send controls at the time of encryption: message expiration, disable forwarding, disable printing, watermarking, and read receipt visibility. Those controls are enforced by the Secure Reader when the recipient opens the message.
Virtru Email Encryption Pricing Tiers
Virtru publishes three pricing tiers on its site. The tiers scale from free personal use to enterprise deployments with custom pricing.
The free personal tier supports encrypted send and receive on personal Gmail accounts. Basic post-send controls are included. The tier does not include a BAA and is not suitable for HIPAA-covered content.
- Free tier: personal Gmail encryption, basic controls, no BAA
- Pro tier: approximately $79 per user annually, BAA included, full post-send controls
- Enterprise tier: custom pricing, adds DLP, key management options, advanced integrations
- Volume discounts: apply above ~100 seats on the Enterprise tier
The Pro tier at $79 per user per year sits above the Zixcorp base tier ($30 to $50) and roughly comparable to portal-based products such as Barracuda Email Gateway Defense at the small business scale. Enterprise negotiations often move on volume and add-on scope.

Downloading and Installing Virtru
Installation is one of the shorter paths in encrypted email deployment. The Virtru extension for Chrome installs from the Chrome Web Store in under a minute. Firefox and Edge extensions install through their respective add-on stores.
The Outlook add-in installs through Microsoft AppSource for Outlook 2016 and later, Outlook for Mac, and Outlook on the web. Enterprise administrators can deploy the add-in centrally through the Microsoft 365 admin center for all users at once.
After installation, the user signs in to Virtru with their existing Gmail or Microsoft 365 credentials through OAuth. That step links the mail account to the Virtru service. No new mailbox or address is created.
Total time from installation to sending the first encrypted message is typically under five minutes. That contrasts with the 30 to 90 day tuning cycle common for gateway policy products such as Zixcorp or Proofpoint.
The Trusted Data Format and Its Trade-Offs
Trusted Data Format (TDF) is Virtru’s proprietary encryption container. It wraps content in a package that includes both the ciphertext and policy metadata such as expiration dates, forwarding restrictions, and watermark instructions.
The design gives senders post-send controls that neither S/MIME nor PGP provide. A sender can revoke access to a message after delivery, change the expiration date, or add a watermark. Those features rely on the Secure Reader enforcing the policy at open time.
The trade-off is interoperability. TDF is not an open standard supported by native mail clients. Recipients read TDF messages through the Virtru Secure Reader, not through Outlook’s or Apple Mail’s S/MIME support. That dependency ties recipient access to Virtru infrastructure remaining operational.
Organizations that need standards-based encryption for interoperability with S/MIME or PGP users need a different tool. Our guide to S/MIME email encryption signature covers the standard-based approach.
A boutique law firm with eight attorneys picks Virtru Pro at $79 per user annually for client communication involving privileged material. Setup finishes in under an hour on a Tuesday morning. Within two weeks, attorneys use post-send revocation four times to pull back messages sent to wrong recipients from autocomplete errors. Clients on Gmail open messages through the Secure Reader with a verification code on first read. The firm accepts the modest recipient friction because revocation and expiration controls justify the pricing above simpler portal options.
Virtru Email Encryption and HIPAA
Healthcare practices use Virtru on the Pro and Enterprise tiers to send HIPAA-covered PHI through Gmail or Outlook. The BAA covers Virtru’s services under HIPAA’s business associate rules.
The BAA scope includes Virtru servers, the Secure Reader portal, and the TDF encryption process. Practices should confirm the signed BAA is in force before routing PHI. HHS publishes sample provisions at the HHS BAA reference page.
The Virtru BAA does not extend to the underlying Gmail or Outlook mailbox. For full HIPAA coverage across the mail path, the practice needs Google Workspace on a BAA-eligible plan or Microsoft 365 on a business plan with a BAA. Free consumer Gmail does not qualify. Our companion piece on HIPAA compliant email Gmail covers the Workspace plan requirements.
Practices building broader HIPAA compliance often pair encrypted email with hardening on the web side. Our team at Redefine Web has published guidance on healthcare website security features.

Virtru Review Notes from Peer Sources
Aggregated reviews from Gartner Peer Insights, G2, and TrustRadius cluster around consistent themes. Positive scores focus on ease of setup, Gmail and Outlook integration quality, and the post-send controls.
The setup speed is a common highlight. Reviewers frequently note that a small practice can be sending encrypted email within an hour of purchasing. That contrasts with 30 to 90 day gateway deployments and drives adoption in the small business segment.
Negative scores focus on the proprietary TDF model, the recipient Secure Reader experience (which has improved but historically drew complaints), and pricing above budget-conscious small practices. Reviewers also occasionally cite the OAuth reauthentication cycle in Gmail as a friction point after Google credential rotation events.
Deliverability and the sender experience rarely draw complaints. The integration into the existing mail client keeps sender workflow essentially unchanged. That is a real strength compared to portal-based products where the sender must remember to route sensitive mail through a separate compose interface.
Post-Send Controls in Virtru
Post-send controls are one of the strongest Virtru differentiators. The sender can enforce policy on a message after it has already left the outbox by adjusting metadata stored on Virtru servers.
Message expiration lets the sender set a date after which the Secure Reader refuses to display the content. Useful for time-limited offers, contract negotiations, and clinical results with a documented review window.
Revocation lets the sender cut off access to a specific message even before expiration. Useful when a message was sent to the wrong recipient or when a situation changes after send.
Disable forwarding, disable printing, and watermarking add friction against internal or accidental redistribution. None of these controls are cryptographically enforceable in the strict sense, since a determined recipient can screenshot or transcribe. They act as policy signals and legal deterrents rather than technical guarantees.
Virtru's revocation, expiration, and disable-forwarding controls are its strongest differentiator. Before signing, list the last twenty sensitive messages the team sent and ask whether any of them would have benefited from those controls. A workflow of routine patient reminders rarely uses revocation. A workflow of contract negotiations, clinical results with review windows, or attorney-client documents uses them weekly. Match the tier to actual usage patterns, not to the theoretical value of features that sit unused.
The Recipient Experience with Virtru
Recipients of Virtru-encrypted messages receive a normal-looking email with a Secure Reader link. Clicking the link opens the Secure Reader in a browser tab and displays the decrypted content.
First-time recipients complete a short verification flow. Virtru typically sends a verification code to the recipient’s email address to confirm identity. That step reduces phishing risk but adds a small friction to the first read.
Returning recipients read directly through the Secure Reader with a shorter session flow. Recipients who receive frequent messages from the same sender often find the Secure Reader workflow acceptable. Recipients who receive occasional messages find the extra click and verification step noticeable.
For senders whose recipients want no portal or Secure Reader step at all, inbox-native services such as Mailhippo deliver decrypted content directly to the recipient’s regular inbox with a one-click experience.
Virtru Compared to Alternatives
Virtru competes with three categories of alternatives: gateway policy products (Zixcorp, Barracuda, Proofpoint), Microsoft-native encryption (Purview Message Encryption), and inbox-native services.
Against gateway policy products, Virtru wins on setup speed and loses on policy-based enforcement. A Virtru sender must remember to enable the toggle. A Zixcorp gateway scans every outbound message automatically. For high-volume regulated senders, that enforcement gap matters.
Against Microsoft Purview Message Encryption, Virtru offers more granular post-send controls and works with both Google Workspace and Microsoft 365. Purview is bundled with M365 E3 and E5 and works transparently between M365 tenants without additional cost for licensed users. Purview documentation lives at learn.microsoft.com purview ome.
Against inbox-native services, Virtru offers more post-send controls and a longer feature list. Inbox-native services offer a smoother recipient experience and often a lower price point. Our companion piece on email encryption service covers the category comparison.
When Virtru Fits and When It Does Not
Virtru fits small to mid-size teams that use Gmail or Outlook, need HIPAA-compliant email quickly, and value post-send controls such as revocation and expiration. Legal firms, healthcare practices, and financial advisors are common Virtru customers.
Virtru does not fit large enterprises with heavy regulated content flow that need policy-based automatic enforcement across thousands of users. The user-triggered toggle model depends on the sender remembering to encrypt, which introduces enforcement gaps at scale.
Virtru also fits less well for organizations that need cryptographic zero-knowledge encryption with recipient-held keys. TDF holds encryption keys on Virtru servers, so Virtru servers can decrypt if compelled by legal process. Organizations with true zero-knowledge requirements need S/MIME or PGP.
For a broader view, our companion articles on secure email encryption service and email encryption cover the category landscape and help match tool to workflow.
Frequently Asked Questions
Virtru offers a free personal tier for individual users. The Pro tier for business users is priced around $79 per user annually and includes the BAA for HIPAA coverage. The Enterprise tier is custom-priced and adds data loss prevention, key management options, and integration features. Volume discounts apply at higher seat counts. Small practices under 10 seats pay approximately full list. Enterprises above 500 seats typically negotiate below list. Confirm current pricing on the Virtru site because published rates are updated periodically.
Yes. Virtru offers a free tier for personal Gmail users that supports encrypted send and receive with basic controls. The free tier does not include a BAA and is not suitable for HIPAA-covered PHI. It also lacks the DLP integrations and advanced management features of the Pro and Enterprise tiers. The free tier works well as an evaluation environment or for individual privacy-focused users who want client-side encryption on a personal Gmail account without paying for a business plan.
Virtru installs as a browser extension for Gmail (Chrome, Firefox, Edge) and as an Outlook add-in for Outlook desktop and Outlook web. Once installed, the compose window shows a Virtru toggle. Enabling the toggle encrypts the outbound message using Virtru’s Trusted Data Format. The recipient receives a normal-looking email with a Secure Reader link that opens the decrypted content in a browser. The sender can also enable post-send controls such as expiration, disable forwarding, and watermarking through the same interface.
Trusted Data Format (TDF) is Virtru’s proprietary encryption container. It wraps message content and attachments in a package that includes policy metadata and references to encryption keys held by Virtru servers. TDF supports features that S/MIME and PGP do not, such as post-send revocation, expiration, disable forwarding, and watermarking. The trade-off is that TDF is not an interoperable open standard. Recipients read TDF-wrapped content through Virtru’s Secure Reader rather than through their normal mail client’s native encryption support.
The Pro and Enterprise tiers include a Business Associate Agreement covering Virtru’s services under HIPAA. The free personal tier does not include a BAA and is not suitable for PHI. The BAA covers the Virtru servers, the Secure Reader portal, and the TDF encryption process. Healthcare organizations should confirm the signed BAA is in force before routing PHI. The BAA does not extend to the underlying Gmail or Outlook account, so the mail platform must also be on a BAA-eligible plan for full path coverage.
Virtru and Zixcorp target different segments. Virtru fits small to mid-size teams that want quick setup on existing Gmail or Outlook accounts. Zixcorp fits enterprises with heavy regulated content flow, mature IT teams, and a need for policy-based enforcement across large user populations. Pricing overlaps in the middle. Virtru at $79 per user is competitive with the Zix base tier at $30 to $50 per user, though Zix drops with volume. Our companion piece on Zixcorp email encryption covers Zix in detail.
Virtru is an outbound encryption product. It does not scan inbound mail for phishing. Preventing phishing requires a separate inbound email security product such as those offered by Microsoft Defender for Office 365, Google Workspace advanced security, Barracuda Email Gateway Defense, or a dedicated anti-phishing service. Virtru complements those products by protecting outbound content but does not replace them. Practices should treat encryption and phishing defense as separate categories of protection and evaluate each independently.








