When compared to more modern video conferencing and collaboration platforms such as Zoom, Slack, and Microsoft Teams, email can easily be dismissed as outdated and inconvenient. Nevertheless, it’s still considered the most commonly-used form of business communication, especially when contacting individuals from outside of your organisation. After all, it requires minimal internet connection and, as opposed to the immediacy of video calls, email etiquette allows users to open messages whenever it’s most convenient to them, leading to a better work-life balance.
However, as one of the more traditional systems of communication that hasn’t changed much over the past decade, email is also the perfect target for cyber criminals looking to gain easy access to an organisation’s data.
Despite plenty of email providers rolling out extra security features such as CAPTCHA verification tests, hackers always come prepared. In a recent case, attackers were spotted sending out phishing emails attached as HTML files that looked clean to a secure email gateway. When a victim opens the HTML file containing a CAPTCHA and solves it, the browser will then show them a phishing page asking them to enter their credentials.
In a cyber landscape where no one can feel truly safe, there are ways to mitigate the threat of having your email account compromised by threat actors. This includes selecting an email service provider that comes equipped with additional security features designed to prevent hackers from gaining access to your inbox. In this guide, we compare communication offerings based on price, storage, and features, allowing you to choose the best secure email service for your business.
What to look for in a secure email service
Whether you’re a home user or work for a large corporation, it’s good to know what security features your email service has. Below, you’ll find some features you should look for in secure email service and how they may benefit you.
End-to-end encryption disguises data in order to prevent it from being read or changed, and sending an email over this secure communication system means only the device it’s sent to can decrypt it, with the use of a private decryption key.
This method is considered one of the safest because it prevents third parties from being able to access the secure file while it’s being transferred within the end-to-end system.
Pretty Good Privacy (PGP) is seen as a fairly standard encryption service, but it’s extremely difficult to hack. This is a key reason why this email security tool is still used today, using a combination of data compression, private-key and public-key cryptography, since its conception in 1991.
The way it works is that each user of this system has an encryption key that is known publicly; this changes the contents of a secure text file or email into a complex code of characters. This code is then sent to the recipient who uses their private PGP encryption key to turn the characters back into a readable message.
Without access to the public and private encryption keys, others won’t be able to read the contents.
Two-factor authentication, or 2FA, is a protective feature that means that in order to read a secure message or email, the recipient needs a password or code that’s sent to them to decrypt it; this can either be by text message or an authenticator app on your phone.
With this method, businesses can enable their employees to access messages from wherever they are, and decrease the chances for hackers to gain access without the authentication passwords.
An email server’s location has a bearing on how secure it is. Countries like the US and UK share intelligence data about citizens, and this data can be collected from servers based in those countries.
Other countries — Germany and Switzerland, for example — have tougher privacy laws, so many secure email services are based there to prevent snooping.
What secure email services are available?
There are plenty of secure email services available. Here are six of the most secure options.
Price: From £0 up to £6.83 (€8.00 / $9.45) per user per month
Storage: 500MB – 20GB
One of the world’s largest secure email services, ProtonMail offers end-to-end encryption and a raft of other security features, such as encryption via secure implementations of AES (Advanced Encryption Standard), RSA, and OpenPGP.
You can also send end-to-end encrypted emails to non-ProtonMail users by sending the recipient a link that displays the encrypted message on their browser. You can then share a passphrase with the recipient to decrypt the message.
The company says it can’t read any emails it hosts because the data is encrypted so it’s inaccessible to the provider. The provider can’t decrypt the data either, so it can’t hand it over to third parties.
Plus, it’s based in Switzerland, which has some of the world’s strictest privacy laws. It also has a no-logs policy and offers self-destructing emails.
Price: From £0 to £4.10 (€4.80 / $5.67) per user per month
Included storage: 1GB – 10GB
Paid storage: Up to 1TB at £51.24 (€60.00 / $70.89) per month
This Germany-based secure email service provider offers a GDPR-compliant email service with built-in encryption and a secure calendar that allows no one but you to see your appointments. It also has desktop apps for Windows, macOS, and Linux and mobile apps for iOS and Android.
It uses AES-128 symmetric encryption or RSA-2048 asymmetric encryption, depending on the email recipient. The service also obfuscates email subject lines and attachment names.
Other security features include end-to-end encrypted mailbox, end-to-end encrypted address book, automatic end-to-end encrypted emails between users, end-to-end encrypted emails to any email address via a password.
It also has a secure password reset that gives the company no access at all. Users can execute a full-text search of encrypted data locally. There is also TLS with support for PFS, DMARC, DKIM, DNSSEC, MTA-STS.
Price: From £0 to £21.35 (€25 / $29.54) per month
Storage: 500MB – 50GB
MailFence is encrypted with a secure, open-source implementation of OpenPGP and offers cloud-based calendar, contact, and document tools. Existing PGP users can also import and manage their keypairs in the app.
It offers end-to-end encryption and digital signatures with data stored on Belgian servers. Customers can send encrypted messages to users who don’t use PGP. It also offers SSL/TLS, Perfect Forward Secrecy (PFS), MTA-STS, and HSTS for protecting your data while in motion.
This Belgium-based secure email service donates 15% of the Pro and Ultra plans revenues to support the Electronic Frontier Foundation and the European Digital Rights Foundation.
Price: £36.13 (€42.30 / $49.98) [personal account per year]; £4.33 (€5.07 / $5.99) per user per month [small businesses]; £7.22 – £28.19 (€8.46 – €33.01 / $9.99 – $39.00 per month [health care]; (€8.46 / $9.99) per month [law]; and £2.88 (€3.38 / $3.99) per user per month [non-profits]
Storage: 10GB (personal, small business, law); 10-15GB per user (health care); and 10GB per user (non-profits)
Hushmail offers end-to-end encryption using open-source OpenPGP, but subject lines are unencrypted. User passwords are also hashed, and Hushmail uses a zero-knowledge model. Plus, the company can’t decrypt emails without a password.
However, if the provider gets an enforceable order under British Columbia law, they’ll have to reveal data in an unencrypted format.
Price: £0.85 (€1.00 / $1.18) per month to £7.69 (€9.00 / $10.63) per user per month
Storage: 2 GB- 25GB (50GB cloud storage)
Mailbox.org is a Germany-based secure email provider and is compatible with mobile devices and third-party clients. Mailbox.org also offers cloud storage and secure video conferencing features.
The service allows users to register anonymously without having to enter any personal details. SSL/TLS encryption protects data transmission, and it uses full PGP encryption. Users can choose to prevent sending mail to recipients without secure mailboxes.
The provider also uses (EC)DHE algorithms for Perfect Forward Secrecy (PFS), which prevents any possible decryption of recorded data traffic in the future. Mailbox.org secures its domain with DNSSEC and DANE/TLSA and uses HSTS, CAA, CSP, MTA-STS, and X-XSS to prevent man-in-the-middle attacks (MitM).
Price: £0.85 (€1 / $1.18) per month
Paid storage: £0.21 (€0.25 / $0.30) per month per additional GB (up to 20GB)
Posteo works on any device to enable cross-platform synchronization and includes spam and anti-virus filters. Plus, it strips identifying IP addresses from all emails. Users can sign up for and pay for the service anonymously. The firm is headquartered in Berlin, Germany, where it has been running since 2009.
Posteo also uses TLS with Perfect Forward Secrecy (PFS), DANE/TLSA, HTTP Strict Transport Security HSTS, SSH
Its servers’ hard disks are AES encrypted to prohibit data theft and unauthorized access and are in a highly secure German data center. There is also optional on-server email encryption with RSA, AES, HMAC, and bcrypt hashing.
Emails sent using Posteo’s webmail interface contain neither a user’s local nor public IP address. Users can secure Posteo accounts with two-factor authentication and set it up on all devices with free apps.
Some parts of this article are sourced from: