There’s a lot of talk going on about data encryption. Nearly every day we hear about email leaks and we start to wonder if our data is secure. And rightly so! Those who ignore such vital concerns are often the hacker’s first victims. However, those who do give it some more thought use some of the best email encryption software on the market and keep their data secure. What should you pick? Let’s go through the best available options.
Is there a need for more email encryption?
A huge majority of emails sent over the internet are transferred via the SMTP protocol. Old technology serves the purpose well but offers little to no security. This means that your emails are often transmitted between servers in plain text mode. If there’s a breach at any stage, all the information will be easily accessible to hackers.
Of course, ever since the 80s, efforts have been made to address this problem. New methods, such as SSL and TLS, have been introduced for encrypting your emails. These days, all major clients provide some form of encryption. Things have definitely improved.
But your emails are still far from safe. SSL/TLS only encrypts emails on their way from a client to an outgoing server. At this point, they’re decrypted and processed further in plain text, making them susceptible to attack. SSL/TLS also doesn’t encrypt emails sitting in your inbox or your receiver’s. If security is breached, all sensitive data will easily be exposed.
Another caveat is that the SSL/TLS used by nearly all clients is, by default, opportunistic. This means that when a transmission is launched, an email client uses a command called STARTTLS to try to upgrade the connection to a secured one. However, if it fails due to a timeout, lack of server support for this solution, or just about any error, the transmission will be processed in plain text. It may be fine for casual messaging, but for companies or governments sending heavily classified data over emails, it’s too much.
If you’re interested to read more about this, check out our article on SMTP Security.
What is email encryption software?
To counter the imperfections of existing encryption methods companies have built lots of sophisticated tools for email and data encryption. They incorporate many different techniques for securing emails, which can be split into two main categories.
Enterprise email encryption platforms are typically used for internal communication in large corporations or between governmental facilities. These platforms only work if both a sender and recipient use the same encryption software. If you were to encrypt an email this way and send it to an external receiver, they would have no way of deciphering it.
These solutions typically rely on public and private keys that they distribute in a network. A message is encrypted with a user’s public key and each of the recipients is able to decrypt an email using the corresponding private keys. Of course, the whole operation happens under the hood and is invisible to actual users.
The advantage for companies is that they can manage their own keys without sharing them with 3rd parties (such as encryption platforms themselves). The disadvantage is that if something goes wrong and the keys are no longer able to be retrieved, the messages encrypted with them won’t be either.
Although some of these solutions can be installed, most work as hosted email encryption platforms. Due to their universality and platform-agnosticism, we recommend using them moving forward.
On the other end of the spectrum, there are webmail services for email encryption. While the enterprise solutions are often difficult to set up and maintain, webmails are (generally) as easy to use as regular Gmail or Yahoo! accounts.
Webmail also relies on public and private keys. Some tools store them for you and automatically exchange them with your recipients. This makes for a pretty seamless experience.
Other web-based tools hand you the task of managing keys. This way, no governments are able to decrypt your data but you’re in charge of storing the keys and sharing them with the recipient(s).
Best hosted email encryption services
Let’s now discuss our top picks for email encryption software in 2020. There are plenty to choose from!
ProtonMail is a popular free email encryption software. It’s actually an email client that works like any other software of this type. There’s just one “tiny” difference: all emails sent from ProtonMail account are end-to-end encrypted. The same goes for emails accepted from other senders. They remain encrypted while in an inbox.
ProtonMail was launched by a group of scientists and developers concerned about user privacy. They aim to provide a platform where users can freely exchange information and are protected by strict Swiss privacy laws. They have managed to attract millions of users craving for a secure way to send emails.
The account is free with 500MB of storage and allows you to send up to 150 emails per day. Paid plans come with a higher capacity and more features (and they’re quite inexpensive too). Web and mobile apps are available.
Right across the northern border from the Proton guys, there’s Tutanota hailing from Germany.
Tutanota is also a web service with end-to-end encryption for all its emails. The platform encrypts all elements of a message, including a subject, body and attachments. It also removes your IP address from sent messages so that they can’t be tracked down to any specific location.
Tutanota is available as a web service and via native iOS and Android apps. The basic plan is absolutely free of charge, while premium and business setups come with a recurring fee.
Proofpoint is an enterprise-level solution primarily suitable for large companies and organizations. It’s available as a Cloud service but can also be implemented on-site when required.
Proofpoint comes with two-way encryption. All of your outgoing emails are end-to-end encrypted, while the same software protects you from potential attacks with incoming emails. The software offers policy-driven encryption that happens entirely under the hood. On top of that, features like data loss protection or streamlined storage are also available.
The company doesn’t offer fixed pricing, each client can expect to be priced individually according to the features and capacity needed.
Another software that we can definitely recommend for individuals and small/medium enterprises is Hushmail. Depending on what you need, they probably have something in store.
For individuals, Hushmail offers a regular email account with the @hushmail.com domain priced at $49.99/year. The account comes with 10GB of storage and an encryption relying on OpenPGP standard. Web and mobile (iOS only) access is available.
Businesses can take advantage of dedicated plans for multiple users. When communicating with each user directly, end-to-end encryption covers all emails. Hushmail also offers on-demand encryption for messaging external users. Companies can also take advantage of secure web forms to be placed on websites or linked in emails.
Business plans start at $5.99 per month for each user.
Encyro is a powerful service for protecting emails along with their attachments. Users don’t need to create separate email accounts – instead they get full encryption with their existing account. It’s quite an encryption with 16 layers of security that makes you compliant with all major privacy laws, such as HIPAA and GDPR (for other tools that can make you HIPAA-compliant, check out our dedicated article).
Encyro is free to use for individual accounts with a basic set of features. The Premium plan is available for $9.99/month and $7.99 for each additional user.
Another option worth considering is Sendinc. It offers a 256-bit SSL encryption for all of your outgoing emails. You can use your existing email account with the service. To add an extra layer of security, Sendinc doesn’t store your keys, which guarantees only you and the recipients of your messages will be able to decrypt them.
A free plan is available with up to 20 recipients per day and messages automatically vanishing after 7 days. To keep your emails and significantly boost the sending capacity, you’ll need to upgrade to a paid plan priced at $48/year for each user.
Enigmail is a different type of service than those we already described. It’s an add-on for Thunderbird and Postbox that encrypts both email content and its attachments. While doing so, it uses the OpenPGP standard for public-key encryption and signing outgoing emails.
It’s a very simple tool but does exactly what you would require from an encryption tool without tons of additional features. Since it’s open-source, it comes free of charge without any limitations (except for those imposed by the respective email clients, of course).
TrendMicro is an enterprise solution that provides email encryption along with dozens of other features. These are aimed at protecting entire devices and networks from malware and data leaks. TrendMicro relies on cloud-based encryption with keys automatically managed in the Cloud. For additional security, the keys are automatically regenerated every month and distributed in a network.
While TrendMicro offers individual pricing to its enterprise-level customers, it has a fixed price for less demanding clients. Their limited security plans (appropriately named ‘worry-free plans’) start from $37.75 per user and are paid annually.
NeoCertified is another solution for individuals and small business. It provides encryption for emails and attachments, and does it really well. When you send an email to external users, they’ll need to create a free NeoCertified account to access its contents. Of course, communication within the NC network is frictionless.
The company offers very easy integration with the most popular email clients. The tool is priced at $99 per year for each account. A discount is available for non-profits.
To wrap up the list, there’s Mailbox.org. It’s a simple and yet powerful tool for email encryption. On top of that, it offers a suite of office tools, such as cloud storage, calendar, or a task list. All of the data you input in any of these tools is encrypted.
Personal accounts at Mailbox cost only €1 per month. More advanced plans start from €2.5 per user.
This wraps up our summary of the encryption tools we recommend in the upcoming year. We hope you enjoyed it and to see you next time. We write a lot about emails and their security, in particular. Follow our blog so you never miss a thing. Take care!