Most of us use email as a primary form of communication. It's quick, efficient, and easy to exchange information. Email feels private, but is it really secure? Should you be sending so much personal information over the open internet without a second thought?
Most email clients come with basic cybersecurity features like spam filtering, but they won't allow you to send or receive encrypted messages. Your inbox can be a valuable target for hackers looking to leak or sell your sensitive info in data breaches, and it may be time to rethink the way you send private attachments. Here's how to find the email with the best security for your sensitive info.
What kind of information should I be protecting?
You probably use your email to schedule doctor's appointments, review bank or credit card statements, and do your taxes. Now, all of that personal information is sitting in your inbox. Identity thieves or hackers could access the contents of your inbox and find enough information to cause you financial harm.
Your work email poses its own set of potential threats. You're probably trusted with company information and contracts that you're responsible for protecting. If you leave them in a less secure inbox, there's no telling where that insider information may wind up.
Inboxes are like goldmines for bad actors on the internet. Almost everything that someone would need to steal from you or cause you harm can be obtained from an unsecure email inbox or by sending you a malicious email or malware attachment. It's scary to think about, but it's an avoidable situation.
When should I switch to a secure email service?
It's better to increase your email security proactively. If you wait until after your inbox has been compromised, it's already too late. There’s no such thing as being safe too early. If you're ready to switch email providers, the best time to increase your email security is now. Choose an encrypted email service you can trust with your data.
Most encrypted email providers offer a free version and a premium version. If you're considering making the switch to private email, play with some free versions until you find a user-friendly interface you're comfortable with and security measures that work for your needs.
Pricing for a premium plan can vary significantly, so consider how much you're willing to spend for additional functionality like a private address book or extra storage space.
Is my email provider safe to use?
Most email services are free to use, and they do their best to offer security features to their users. Hackers are more likely to target larger, free email services simply because more people use them. The larger the user base is, the more likely they are to hack accounts successfully.
Enhanced security features and constant monitoring take a lot of work, and specialty email providers are more likely to be able to provide tailored services to their smaller user bases. Unless your email provider specifically states that they're security-based, it's best to assume you're only getting basic security features with your email account.
What kind of security features should I look for in an email provider?
Secure email providers go above and beyond the standard array of security features. They may advertise special security features you've never heard of before.
When you're selecting a secure email provider, there are a few key things you should be looking for.
End-to-end encryption
You probably check your email wherever you go, and sometimes you're connected to a public network.
End-to-end encryption closes your conversation on both ends, keeping your email contents free from prying eyes who may be abusing shared networks. No one besides the sender and the recipient will ever be able to see the contents of your emails — not even your email service provider.
Sandboxing
Malware creators are getting smarter and smarter. Most email service providers check for known malware signatures in email attachments, but sophisticated malware can slip through the cracks. Sandboxing is a security process that isolates attachments and checks them in a safe environment before they ever reach your inbox.
Attachment inspection
Any image or document attached to an email may contain malicious code. Top-tier security tools can sweep attachments for hidden threats you're unlikely to notice.
Link rewriting
Scammers and spammers include links in emails as part of phishing or malware schemes. Most email providers check for known links or suspicious digital signatures and routinely block them, but new links always pop up.
Link rewriting takes all links in an email and redirects them through a special proxy that checks them for safety before you can proceed to the URL. This prevents any previously uncaught dangerous links from getting through.
Secure storage
Most of the sensitive information you exchange through email won't be in the body text of an email. The real private information is always in the attachments, like bank statements, medical records, or company documents. Encrypted cloud storage can keep your attachments safe for as long as they live in your inbox.
This isn't an exhaustive list of every buffed-up security feature email services may provide. Always read the full text on features. If there's something unfamiliar to you or proprietary to the email provider, they'll likely explain the benefits of the feature.
The 5 best secure email providers
There are many secure email providers. Some have been around for a long time and have a time-tested reputation for delivering on their promises of excellent privacy. This isn't an exhaustive list, but it covers the major players.
Most secure email providers offer mobile apps for iPhone or Android so you can check your email on the go, but some don't. If you work from your phone, this may be an important thing to consider.
Note that no amount of security will make your inbox invulnerable. The strongest line of defense is always you. Carefully read emails, don't carelessly open attachments or click links, and when in doubt, don't click! Most bad actors gain access due to mistakes or oversights, so ensure you stay vigilant.
1. Hushmail
Hushmail has been around for a long time, and they started with a unique goal in mind. HIPAA laws place strict privacy requirements on medical care providers that dictate how they can communicate with each other and with their patients. Hushmail was designed with HIPAA compliance in mind, making it the simplest solution for HIPAA entities.
Hushmail has a very simple interface. It's easy to use, and while it may not be packed with features, it solves a very important problem for people who need to abide by special compliance requirements. Hushmail has expanded their scope to provide specialized services for lawyers and small business owners.
2. Mailbox.org
Mailbox.org was designed as a private email alternative to email services that many companies use, like Gmail and Outlook. It has a very familiar interface, and it's very business-friendly. It's even equipped with secure video conferencing, an encrypted calendar, and fully encrypted cloud storage.
You can use Mailbox.org almost exactly like you'd use the business email you're already using. If you're searching for a secure alternative that will suit the needs of an entire organization, Mailbox.org is your best bet.
3. Tuta
Tutanota is a very simple privacy-based email service based in Germany that goes the extra mile with additional encryption. Most email services use standard open-source PGP encryption, which is perfectly suitable for most applications. Tuta uses AES and RSA encryption, which are even more locked down than OpenPGP.
Tuta also strips and checks images and metadata from emails to ensure that nothing malicious may be hidden in a place you wouldn't be able to see. They're very cautious about phishing patterns and will place bold warnings on anything they find suspicious.
4. Startmail
Startmail is a Netherlands-based email provider aiming to protect your data, activity, and privacy.
With Startmail, you get unlimited email aliases to help keep your main address exclusive and prevent spam and phishing. Startmail also allows you to send encrypted emails to anyone — if your recipient doesn’t use encryption, they can still receive and reply to your encrypted emails using a password that you set for them. Plus, Startmail works on any device for convenience and peace of mind.
5. ProtonMail
ProtonMail was one of the first major secure email providers. This service is based in Switzerland, and the Swiss enjoy some of the best privacy laws in the world.
ProtonMail is one of the most secure email providers on the planet. They utilize zero access encryption, which means retrieving your password is impossible. The company doesn't even have it, so they can't reset it for you. As long as you aren't forgetful, you'll appreciate how locked down your inbox is.
One of ProtonMail's more unique features is their proprietary self-destructing emails. ProtonMail users can send emails to each other with expiration dates. If you need to send tax documents to your accountant who uses ProtonMail, the email can delete itself by the next business day. You'll never need to worry about trusting other people to be responsible for your private information.
More than security with Superhuman
Security is a vital factor in choosing an email service provider, but it's not the only one. Most people also look for usability, speed, and compatibility with other software and devices, to name just a few.
Superhuman is the fastest email experience ever made — and for many, it’s a better alternative than the options above. With Superhuman, you can be more responsive to what matters most. Our Split Inbox feature allows you to automatically triage incoming mail, allowing you to focus on what needs your attention. Plus, Superhuman AI allows you to write entire emails with just one line. Jot down a few phrases, and we’ll turn them into a complete email.
When it comes to privacy and security, Superhuman never sells or shares your data, and we’re SOC 2 compliant. With Superhuman, all data is encrypted at rest and in transit, with particularly sensitive data encrypted additionally at the application level for the ultimate peace of mind.
Becoming an email expert
There are two parts to being an email expert: security and efficiency. Most email attacks and breaches come from spam and malicious links that overrun your inbox. Keeping your inbox clean and organized can help you kick the spammers and scammers to the curb.
Superhuman integrates with Outlook and Gmail accounts to create the most productive email experience ever made. One-click unsubscribe from spam, split your inbox according to your priorities, and use Superhuman AI to fly through your inbox.