Best Secure Email Providers of 2019
Sending emails is part of society’s daily routine. There are an estimated 5.5 million email accounts open, with the average email user sending and receiving 246 emails a day, according to an Email Statistics Report.
How secure are those messages? Research shows up to 80% of emails sent aren’t secure. In other words, hackers can get their hands on two out of ten emails.
It all depends on what kind of email security you have in place.
Whether you’re a company protecting product development, a consumer safeguarding personal data, or a doctor tasked with abiding by privacy laws, there is a way to keep data safe. To do so you’ll need a secure email provider – and there are a lot to choose from.
Before we help you narrow your search for the most secure email providers, we’ll explore why emails need to be secure, what kind of protection common email providers like Gmail have, what makes a provider secure, what to look for when searching for the most secure email providers, and finally, a list of providers that take security very seriously.
Why email needs to be secure
Email was designed back in the late 1960s as a communication tool. Back then, security wasn’t a concern because emails were only sent to various users of the same computer. Once computers were networked and could talk to one another, emails could be sent to people using different computers. Even then security wasn’t a big concern, and for some, it’s still isn’t.
Decades later, email hacks are common. Earlier this year, Microsoft announced Outlook, Hotmail and MSN accounts were breached and accounts compromised. It’s just one of the many hacks that exposed personal information.
For some, the reason to send secure email is obvious. Employees exchanging emails while developing a new product or a doctor’s office forwarding medical records to a new physician do pose a security risk. If that information fell into a hacker’s hands, a product idea could be stolen or a patient’s home address could become public.
Others assume secure emails aren’t necessary for their mundane messages that include meeting notes, lunch schedules, and promotional offers. After all, who would want to steal that? The truth is, even the dullest inbox is a treasure trove of information for a hacker.
Your inbox could contain pictures, contracts, invoices, tax forms, password reset links and sometimes even credit card information. Your email account might serve as your login in for other accounts, like Facebook, Twitter and LinkedIn. With your email credentials, a hacker can easily steal your identity or worse. For those reasons, every email should be secure.
What is a secure email and how does it work?
Secure emails are protected against hacks mainly through encryption. A hacker can get to your email from four points: your device, the network, the server, and the recipient’s device. Secure email is disguised at every point during this process making it difficult for anyone to read or intercept it.
When the message is delivered, the recipient can only read your message with a key to decipher the encryption.
A secure email provider offers encryption tools, which cloak the email using behind-the-scenes tools.
Are Gmail and other popular email providers secure?
Gmail has one billion active monthly users worldwide, making it the most popular email provider out there. While Gmail ranks high in popularity, how does it rank in security?
Gmail and other popular providers like Hotmail and Outlook do take steps to protect your email privacy, but not to the level of a secure email provider.
Gmail’s standard method of encryption is called TLS, or Transport Layer Security. This security measure encrypts your messages as it’s traveling from your device over the network and to Google’s server. At this point, the email isn’t disguised anymore.
Google even scans your messages for several reasons. For starters, Google looks for spam words to drop unwanted emails into a separate folder. Google also checks your text for keywords to trigger the Smart Reply feature, and to show you relevant ads later on. Other mainstream email providers offer similar features.
Google does offer a more advanced security option for paid G Suite users, but it’s still not the kind of security used by the best secure email providers. Other providers have ways to increase security measures as well, but again, secure email providers specialize in this field.
What makes a provider secure?
Why are the best secure email providers classified as “secure?” What gives them this distinction. Secure email providers offer advanced protection measures that mainly focus on encryption.
By using the most secure email providers, you should be able to:
- Send and receive end-to-end encrypted emails
- Encrypt the subject line, body and attachments automatically
- Utilize encrypted cloud storage for contacts
- Access encrypted email storage for archived messages
- Prevent automatic image loading for further privacy
In addition, the most secure email providers should also offer all of the familiar features you’ve come to expect when crafting and sending an email, including:
- Spam protection
- Folder management and organization
- Draft creation
- Contact import
- Noticeable unread emails
- Offline usage
- Group email delivery
- Out-of-office notifications
Security features to look for
If you’re decided that email security is a priority, you should investigate the best secure email providers. To help narrow your search, you can look specifically for these safeguards:
The most secure email providers offer end-to-end encryption, which is a fancy way of saying your email message is scrambled so it can be read by anyone other than the intended recipient, who is able to unscramble the message with an encryption key.
While the process might sound complicated, encryption tools set up by a secure email provider take care of the process in the background.
A two-factor authentication process has two layers of security. It relies on something you know like a password and something you have like a smartphone.
You might use two-factor authentication already. When you enter your login credentials and a specific code that’s sent directly to your phone, that’s two-factor authentication.
Since the process requires two pieces of information, it’s harder for cybercriminals to hack. Even if hackers did get ahold of your username and password, it’s useless without the code that’s messaged to you.
When you send an email, you actually send more information than you think. Every email contains metadata, which are small snippets of information that could be mined by hackers.
Metadata could include information about your web browser, network and the person you’re sending messages to. While these tidbits seem fairly useless, to a hacker, it’s the first step toward learning more. For example, hackers can use metadata to search your browser history and learn more about the person you’re communicating with.
The best secure email providers remove metadata to limit the amount of personal information that’s vulnerable.
Just as secure email providers strip metadata from emails, so should your IP address. With an IP address a hacker can learn which internet provider you use, and more importantly, your physical address. It’s another small piece of data that seems mundane to users but is quite valuable hackers.
Europe passed a massive privacy law last year that aims to protect the digital privacy of its citizens. The law ensures that data is collected legally and under strict conditions, holds companies accountable for the storage and misuse of any data, and gives consumers the right to regulate the information shared.
A secure email provider can help you create comply with this law, which entails privacy policies and strict data collection and usage rules.
A list of the best secure email providers available
Ready to secure your emails? Now that you know what you’re looking for, it’s time to find an email provider to work with. As you might expect, there are many options to choose from. To help narrow the search, here’s a list of eight of the most secure email providers:
CounterMail offers end-to-end encryption and is transparent on how their security systems work. The company stores encrypted emails on diskless servers, which provides an extra layer of protection against data leaks. Those servers are based in Sweden, a country that first implemented data privacy laws in the 1970s.
CounterMail is one of the few providers to offer an additional layer of protection in the form of a USB key. If you enable this feature, you use a secure USB drive to access your email.
While CounterMail is one of the best secure email providers, it’s not cheap. The service costs about $60 a month with additional fees for increased storage space and domains.
ProtonMail makes the list of best secure email providers for several reasons. For starters, ProtonMail is as popular and as easy to use as Gmail. It offers a simple user interface and all of the ordinary email functions, but with more security.
ProtonMail takes security quite seriously. Its encryption is so strong the company itself can’t see your emails. The data centers that enable emails to go from one computer to the next is in a nuclear bunker under 1,000 meters of granite. And, ProtonMail is a free email service.
The service works best between ProtonMail users. To send an email to a non-ProtonMail user, you can choose to send an unencrypted email or send an encrypted message that’s only readable via a password that you share.
Hushmail shares similarities to ProtonMail. It’s also easy-to-use and has both smartphone and desktop applications. However, if you’re a Mac lover, you’re out of luck Hushmail doesn’t work on its operating system.
Like ProtonMail, users within Hushmail can send and receive secure emails. To send to an outside user, the recipient receives a link that takes them to a secure site to read the message. The recipient will need a password. If you’d like to add an additional layer of protection, the recipient can also be required to answer a security question.
Hushmail also offers integrated forms that you can add to your emails, like a survey or patient intake form.
Ready to try Hushmail? The company offers a free version, but the company also offers niche applications for certain industries. You can choose from Hushmail for personal use, small business, healthcare, law, nonprofits and enterprise. Pricing hovers around $10 a month for each application.
Tutanota, which means “secure message” in Latin, offers end-to-end email encryption that works with all devices and browsers. The company is based in Germany, a country known for some of the toughest privacy laws in Europe, which includes GDPR compliance.
The encryption method implemented for Tutanota users has received some criticism. The company uses AES-128, which has one layer of protection, instead of PGP, which uses two layers of protection and therefore is considered more secure.
Tutanota also offers a free encrypted calendar that works alongside your email service, which is handy for anyone in the business world.
Tutanota offers a free package that comes with one email address and one gig of storage. If you continue to use the service you’ll likely need more storage, which can be a bit pricey.
Runbox makes the list of best secure email providers because of its unique features. Unlike its competitors, Runbox has complete integration with more common email providers like Gmail and Outlook. What does that mean for users? You can safely transfer your email data to Runbox with a few clicks.
Customers of Runbox also rave about the company’s customer service. If you have a question, you can reach out for help seven days a week. The support team can be reached via email, on the web or through Twitter.
As you might expect, Runbox uses all of the encryption methods possible and even stores data inside a vault with electromagnet protection, fire suppression and manned security.
Runbox offers a free trial, but after that time ends you’ll have to select a package. The company offers several pricing packages, which can be explored on the Runbox website.
Kolab Now is a secure email provider for small and medium businesses. If you work in an environment with sensitive information that can’t fall into the public’s hands, this service is for you.
The Swiss-based company bills itself as more than a secure email provider though. Kolab Now “provides email, contact and file sharing functionality that fuels enterprise communication.”
While the company does take measures to protect your emails, it does not offer end-to-end encryption and doesn’t specify what kind of security measures are taken.
However, users rave about the easy-to-navigate software and all of the added features, like an integrated calendar, contact list, shared folders, and notes app.
The cost of Kolab Now is on the high end, but since it’s protecting businesses that’s not surprising. It’s about $5 a month to use Kolab Now with additional fees for storage and other advanced features.
Mailfence believes privacy is a right, and the company not only works hard to provide the most secure email service possible but also donates to pro-privacy nonprofits.
The provider offers end-to-end encryption to protect the information inside emails, and also gives users the ability to turn the encryption feature off.
Mailfence also puts a lot of emphasis on its anti-tracking tactics. Unlike Google, Mailfence isn’t tracking your emails and searching for keywords in order to show you advertisements. On its website, the ‘no tracking policy’ reads: No ads, no spam, no solicitations, no backdoor and free from government surveillance.
The company has almost 20 years of experience, which in an ever-changing digital landscape is a long time. Their commitment to email security for so many years offers many users reassurance that the service will be around for years to come.
Posteo boasts that its company is “green, secure and ad-free.” The company is powered by green energy, offers secure email services, and will not scan your emails with the intent of advertising to you.
Posteo also gives its users the ability to sign up and pay anonymously, which is another layer of privacy protection. While the company gives users the ability to send secure email, it doesn’t offer end-to-end encryption, which is considered the strongest form of security in the email world. There are other protections in place including encrypted access and transmission, encrypted storage and two-factor authentication.
The Berlin-based company also offers a great support team, so if you have questions about your account or aren’t sure how to work certain features you can always reach out with questions.
Email has become a communication necessity, and while it’s a great way to exchange ideas its security is lacking. Common email providers like Gmail simply don’t provide the security that’s required to protect against hacks and data leaks. As a result, more companies are searching for the most secure email providers on the market.
Secure email providers give you the ability to send and receive protected messages without knowing a thing about encryption. Once you’re committed to sending secure emails, research the features needed and review the companies that meet your needs.