We are sure that you definitely have a mailbox in Google, Yandex or Yahoo. And it is not surprising, because these are giants of the market, which cover approximately 70% of the global e-mail service. However, not everyone will agree that the most popular providers are the safest, rather the opposite: in 2021, 63% of phishing messages and links were delivered through Gmail. And Yandex in 2021 had some incidents of user data leaks from its services (Yandex.Eats). Of course, choosing a postal provider, as well as trusting third -party services or not, is a purely individual choice, and in this article, we will offer several good alternative options for popular services that can be relied on in terms of safety of user data.
How should a good postal service work? The most important thing is encrypting messages on both sides so that third parties can not get the contents. Of course, in 2022, no well-managed services would ignore MFA and encryption. The reputation is also important, because the bigger cyber incents happened to the company, the less confidence in the product. Next, we’ll talk about good services that do perfectly with the safety of user confidentiality, however, we immediately note that the basic options of applications can greatly expand with the premium-versions of the products.
ProtonMail earned an impressive reputation on the market as a good postal service provider. If you work in the field of information security, then you may have heard about this service, which, incidentally, was created by Swiss scientists of the CERN Development and High Technology Center. An interesting fact: all ProtonMail servers are stored in a bunker at a depth of several kilometers, which also has state security guards thee.
ProtonMail has a strict policy of the absence of magazines and open source code, also uses end-to-end encryption. A useful feature - through ProtonMail you can send encrypted messages to users who do not use this postal service. The protective function, which confuses many, is the absence of a backup in case of password loss, but ProtonMails themselves consider this a necessary security measure and do not make changes in the functionality of the service yet.
ProtonMail has a modern smartphone application, which has slightly fewer functions than a regular web client on a PC, but works quickly and uninterruptedly. After long use of popular Gmail ProtonMails may seem a little outdated in terms of the interface, but for the sake of the safety of your data, you can get used to it.
The free version of the application will send no more than 150 messages per day and have only 500 MB of the cloud storage, while the paid version of Visionary ProtonMail for $ 24 includes 20 GB of memory, 50 e -mail alternative names, client support, ProtonVPN and ProtonDrive.
The StartMail service has become very popular over the past few years among users of desktop computers. StartMail is a subsidiary project of the search system Startpage.com, which does not track your data. Based on the values of unlimited security and confidentiality, StartMail also integrates PGP (Pretty Good Privacy - a program that ensures the privacy of correspondence) and ensures the complete safety of communication with users who also have PGP. There is an opportunity to send disposable letters or add alternative names if you, for example, are registered somewhere and you need to indicate the address.
Unfortunately, StartMail does not have any desktop applications, but there is a functional and understandable in use web version. The free version of the service is also not provided, but there is a 7-day trial period for which you can evaluate all the advantages of the postal service. The user is provided with 10 GB of storage and client support, ready to help in any situation.
More than 2 million people have already been using Tutanota postal service. Unlike the above-mentioned service, StartMail, Tutanota integrates other correspondence protection programs - AES (symmetrical block encryption algorithm, accepted as the US government encryption standard) and RSA (encryption algorithm based on the use of open and closed keys) instead of PGP. Thus, Tutanota combines several levels of safety by combining symmetrical and asymmetric keys.
The IP address and email addresses are removed from the metadata header, and there is also a strict policy of the absence of magazines, which also works for the confidentiality of the client. The names of the sender and the recipient, as well as the topic line are also encrypted, multifactorial authentication is functioning too.
Tutanota has good applications for Android, Windows and iOS, and for 2 dollars a month you can get 10 GB of storage, 5 alternative mail names, client support. For $ 8.5, you get a much larger arsenal of functions and storage, user domain name and contact forms. In the free version, 1 GB of memory is available and there is no client support.
We have repeatedly said that the largest concentration of data that may be attacked passes through corporate employees of companies. Every day, huge arrays of information are sent by mail and messengers, and not everyone does it safely. Even the safest mail services can become even safer if they work with a DLP system.
The DLP system is a software solution that prevents the leakage of confidential data from the local network of the company. As an example, we give DLP SecureTower Falcongaze. This system, in fact, is 2 in 1, because it provides data protection and controls the activity of employees. SecureTower carries out full control of all communication channels, including email and instant messengers.
Securetower controls the entire mail transmitted through the protocols MAPI, POP3, SMTP, IMAP, HTTP + mail of external postal services. The system automatically analyzes the text of messages, the files and images for the availability of confidential information in them. Securetower can also block the sending of messages, analyzing text content and investments. The interception and blocking of sending works with the MAPI, SMTP protocols, as well as the webcam transmitted through the HTTP protocol. The system checks for compliance with messages to messages transferred using mail servers Microsoft Exchange Server, Lotus Notes, Postfix, Sendmail, etc.
It should be understood that the information security of employees, and the company, is achieved due to an integrated approach. The safety of correspondence and information transmitted in the correspondence cannot be achieved only by ensuring the safety of one communication channel. To avoid leaks of confidential data, we recommend using reliable mail services with a good reputation in pair with the DLP system.