Better Privacy and Security with Secure Email
Social media, What’s App, Twillo, Slack, and other modern messaging apps may be rising in popularity, but email remains a critical aspect of digital communications, with billions of people relying on it for personal and professional matters. Free email services, such as Google Mail, have been popular for years. Legacy platforms Yahoo, HotMail, and AOL still maintain a large percentage of email users.
But there is a critical problem with email. It can be breached, monitored, and tracked. The increasing threat of cyber attacks and data breaches should be cause for many to consider switching to a secure email provider, especially for sensitive data sharing.
If you are concerned about your personal or business privacy and security, switching to a secure email platform is your best option.
Privacy is a key concern for many people. Unfortunately, free email services often compromise it by scanning your emails and tracking your online behavior to show targeted advertisements or to provide features, such as Google’s Smart Reply.
Conversely, secure email providers cannot read, analyze, or sell your data because they simply don’t have access to it. Additionally, they often follow a no-logs policy to store your messages, ensuring that your private information remains private.
While popular email platforms are economical, these companies are in the business of making money through monitoring and tracking you to sell advertising and behavior data. In contrast, companies committed to providing privacy and security make their money from paid service tiers.
Phishing scams are a common and growing risk in the digital world. Secure email providers have implemented enhanced spam protection features to reduce the risk of these scams. For example, DKIM and DMARC protocols use an encryption key and digital signature to verify emails.
While many breaches come down to human error, these automated protections make it less likely you will inadvertently expose your information.
Trackers are mostly used as a marketing tool. If you utilize services like Mailchimp or Constant Contact, your email messages contain trackers to measure the success of marketing campaigns, such as open and click-thru rates, devices used, and locations. But trackers can also be used for other nefarious purposes.
A 2018 paper published in Proceedings on Privacy Enhancing Technologiesshowed that 85% of emails contain trackers. The information the trackers collect is suppose to be anonymous; however, the study found that many third-party trackers receive the user’s email address when the user views emails or clicks on links contained within them. This can lead to not only the user’s email being compromised but also anyone in the user’s address book.
Many secure email providers automatically delete these trackers from your emails, reducing the percentage of email leaks by 87% and providing you with an extra layer of privacy.
Most also prevent email attachments from being loaded automatically because these can contain hidden pixels to capture your data and transmit it back to the sender.
All email communications reside somewhere in the cloud, on a server. The security of your email data is determined by the location of your email provider’s data centers and the encryption standards used. This is important because how and where your data is stored can determine how easily it might be accessed, monitored, or breached.
Most secure email providers store customer data in countries known for their strict privacy laws, such as Switzerland and Germany. While it may sound counterintuitive to trust a foreign entity with your email communications, U.S. laws protecting your online privacy are shrinking daily.
The NSA, FBI, and other federal agencies are keen to monitor online chatter on the basis of protecting national security and preventing other threats. Law enforcement also has the ability to obtain warrants to access email, text, and phone data in cases of suspected criminal activity.
Even the IRS has the right to subpoena all correspondence, notes, documents, receipts, emails, text messages, phone messages, and any other communication. This infringement on privacy and first amendment rights has many people concerned and wondering just how far laws should be stretched in the name of safety and security.
For an added level of security, secure email services encrypt your email communications to ensure that neither the email provider nor any third parties have access to your conversations. While all email services use some encryption, those focused on privacy and security go a step further by utilizing end-to-end encryption. In order for this to work, both the sender and the receiver must be using the same encryption protocols in order to view the message. There are fallback options when communicating with standard email addresses, such as Gmail, to ensure some level of protection is maintained.
Calendars and address books contain sensitive information that, if compromised, can create several problems, including spamming and spoofing your contacts and extracting online meeting links and passcodes. Some secure email providers also encrypt these services making it difficult for anyone to view your contacts or access your calendar. This provides protection for you as well as anyone listed in your address book or calendar.
Secure Email Providers
Encrypted email is the most secure alternative to free email providers and allows you to keep your sensitive data private. Most encrypted email providers are located outside of the U.S., putting them out of reach of government agencies and law enforcement. The use of encryption prevents even the service provider from accessing your data, meaning they cannot hand over any messages. Direct access via authentication and password would be needed to view your emails, which requires your consent to do so.
Proton Mail, based in Switzerland, was developed by researchers at CERN, the European Organization for Nuclear Research. It uses end-to-end encryption, making messages viewable to only you and the recipient. However, if you communicate with unencrypted services like Gmail, Proton Mail will scan these emails to protect against spam. IP logging is disabled by default to conceal your location data. Proton Mail also doesn’t store any of your data, so when you delete an email, it’s gone forever.
Proton Mail offers a free tier that includes all the security and encryption features, up to 1GB of storage, and the ability to send up to 150 messages per day. If you upgrade to a paid plan, you will benefit from advanced email features, such as the ability to add more than one email address, extra storage, custom email domains, and unlimited messages.
TutaNota is based in Germany, another country with strict privacy and data protection laws. Like Proton Mail, TutaNota uses end-to-end encryption to ensure the privacy of your emails. Where things differ slightly is in how the service handles external emails. If you send a message to another email service like Gmail, TutaNota sends a link to a temporary account where the recipient can view the message.
TutaNota also offers an encrypted calendar service. A free tier is available, and there are several paid tiers and add-ons based on the number of users, email address, and storage needs. Their website features a cost calculator to determine the total cost for the services you need. TutaNota also offers a white label version allowing you to embed the service on your website and use your own branding.
Mailfence is based in Belgium. In addition to secure email, it provides secure calendars, contacts, and document storage. Mailfence is end-to-end encrypted and supports OpenPGP. As with other providers, both the sender and receiver must be using a supporting encryption protocol to read messages.
Mailfence offers a free tier, with paid tiers offering more features. The company also donates 15% of its Ultra plan revenues to support the Electronic Frontier Foundation (EFF) and European Digital Rights.
Fastmail is an alternative to Gmail and other free services that doesn’t offer end-to-end encryption. However, it offers private, feature-rich email with contacts and calendar. It also offers unlimited email aliases to protect you from tracking, data leaks, and spammers. You can choose from a variety of email domains or use your own custom domain. It can auto-generate masked emails when signing up for online services and integrates with 1Password password manager. I’m a big fan of this combo and use it for my business and personal email.
Secure email is a little challenging to implement. But if security and privacy are important to your company, switching to a secure service is worth the effort. Many offer migration tools allowing you to transfer all of your emails from your current email client. However, if your company is using a generic email, e.g., firstname.lastname@example.org, versus a custom one, e.g., email@example.com, you will need to let all of your customers and contacts know about your email address change.
Secure email providers offer advanced encryption protocols, enhanced privacy, improved spam protection, and secure data storage, all of which are critical to protecting your private information. It’s definitely worth the switch.
Jillian Harman is owner of Hyperion Design and Publishing, a full-service creative and marketing studio, which also publishes this magazine. She has 30+ years of experience in technology, design, and marketing.
Find out how you can write your own articles and let readers discover more about your business and expertise in your industry. Contact firstname.lastname@example.org.