Privacy Canada is community-supported. We may earn a commission when make a purchase through one of our links. Learn more.
Secure + Encrypted Email Providers
There have been countless privacy scandals over the past few years involving large email providers.
This has led many people to look for the best secure emails that will allow them to freely communicate with others and at the same time protect their privacy as a user.
Why You Need Your Emails Encrypted
You might ask, is it really necessary for me to encrypt my emails? Or is this much ado about nothing? Look at what’s happened over the past couple of years and judge for yourself.
Gmail was recently caught giving third parties complete and full access to its user’s emails. This means that if you used Gmail during the time this scandal was unfolding, the emails you thought were private may have ended up in the hands of individuals who wanted to use them for their own reasons. If you are comfortable with that, then maybe you don’t need to encrypt your email.
Declassified documents showed that Yahoo, AOL, Google, Microsoft, and Apple have all allowed US surveillance agencies to be able to monitor live communication and store information on their servers.
So we have Yahoo, AOL, Apple, Google, and Microsoft, all of the big players in email, willingly sharing your private information with advertisers, marketers, and the government. This is why, if you want to keep your emails private, you need your emails encrypted. Remember, when you use “free” email providers, it is likely that you are what is being sold to others.
Thankfully, there is a simple solution. Use a secured email provider. Let’s take a look at a few of the options that are available with the goal of helping you select the one that is right for your needs.
Secure email services for businesses isn’t really something that a lot of people tend to think about, but the truth is, they’re essential for a proper workflow.
Even if you’re just a solo user and are looking to beef up your email security, Zoho is a great option for everybody.
In terms of security, Zoho has the standards 2FA that you’d expect, but it also has OAuth 2.0. If you don’t know what that latter one is, basically it’s a protocol that allowed 3rd-party apps to access the mail service without breaching security. This is great if you don’t want to necessarily use the Zoho client itself.
Another great little feature is the ability of the email service to detect unusual activity and generate a report on it so you can keep up to date. Similarly in terms of peace of mind. Zoho is that it is completely GDPR compliant, so if you have those requirements for your business, you’re already set.
So what does Zoho have in the way of business features? Well, quite a lot actually if you go for their business plans which start at $3/month/user.
This plan provides you with things like an intranet, collaborative streams, a shared work drive of 10GB per user, and even an office suite with a word processor, spreadsheets, and presentations.
Of course, if you want a cheaper option, you can go with the astonishingly cheap “Mail Lite” plan at $1/month/user. Admittedly, it doesn’t give you a lot of the features of the business mail, but you do get things like notes, bookmarks, tasks, calendars, and scheduling.
You also get a nice 5GB of storage, and for an extra 25cents, you can bring it up to 10GB.
Finally, there is a free option if you’d prefer, but the storage is minimal, only 25MBs. Plus, you don’t get a lot of the great features that just a dollar a month will get you.
Overall, Zoho is an excellent secure email, both for individual users and for SMEs. It has the full list of encryption and privacy features, has all the certifications and auditing you’d expect, and even has some great business features you’ll find invaluable.
The best part though is it’s cost, and probably has the best, if not the best bang for your buck when it comes to secure emails.
- Very easy to configure
- Great app integration
- POP and IMAP
- Custom domains
- Excellent user interface
- Not a lot of storage in the free version
- No live chat support
2. ProtonMail – The Most Well-Known Email Service Provider
ProtonMail was founded by Dr. Andy Yen. Prior to founding this company, he worked as a researcher at CERN. ProtonMail is based on the idea of building an Internet that protects user’s privacy, starting first with email.
The engineers and scientists who work for this Switzerland-based company have a singular vision of protecting people’s civil liberties while online. For this reason, they created an easy to use email service that has built-in end-to-end email encryption.
ProtonMail’s commitment to privacy is seen as soon as you set up your account. You are not asked for personal information. You just need to select a username and password.
This is a free email account, so it does not have a lot of the functionality you might get with other email services.
Your attachment limit is 25 MB. Attaching images is easy and fast. As you send or receive emails, ProtonMail automatically stores the contact information in your address folder. You are able to upload contacts from other programs. However, there is not a direct way to connect contacts to social media or other email accounts. You will need to create a.CSV or.VFC file and then upload them to your account.
If you forget your password and you need to reset your account, you can do so. However, any emails that were already in your inbox or in your saved folders before you reset your password are gone. There is no way that you will ever be able to recover them.
- Easily send encrypted email messages
- Uploads attachments up to 25 MB quickly
- If you forget your password, you will need to reset your account. Any emails previously-stored or received will be locked away. You will no longer be able to access them.
3. Mailfence – End-to-End Encryption + Digital Signatures
Mailfence is a Belgian-based company that was launched in 1999. Their goal is to help users reclaim their secure email privacy. To accomplish this goal, they found SSL certificates that had no American certification authority.
They developed a unique inter-operable end-to-end encryption email solution. This solution includes digital signatures.
Mailfence strives to stand out from the crowd by offering a complete email suite, including Mailfence Calendars, Mailfence Documents, and Mailfence Groups. Mailfence works with other Open PGP compatible email services.
Mailfence refers to itself as a “true end-to-end encryption email solution” because all encryption operations happen in the browser. Their integrated key store gives users full control over key management as well as advanced options.
Mailfence prides itself on offering full reversibility. This means that users are able to leave the platform with their encrypted key pairs as well as their end-to-end encrypted data.
Being based in Belgium, their servers are located in a country with laws that protect online privacy. Since Mailfence does not have a foreign parent company, they are not forced to comply with data requests from domestic or foreign authorities.
Mailfence has a free plan that comes with 500 MB emails, 500 MB documents, two-factor authentication, encryption, as well as support. The next level up is a plan for around $2.50 each month. Their business plan allows users to scale the plan based on their needs. The pricing for the plan varies depending on what the user adds to it.
- Excellent security and privacy
- Open PGP end-to-end encryption
- Located in Belgium
- Digital signatures
- Third parties do not have access to your data
- Customizable themes are not provided
- Does not have a proper alias management system
4. Hushmail – Oldest Secure Email Service
Hushmail is designed to be like the free email service you currently use. You’re able to use it on your smartphone, on the web, or on a smart device.
The difference is that they added extra security features with the goal of keeping your data safe.
Hush Communications began in 1998. A year later, Hushmail was introduced. Based in Vancouver, Canada, this company is in the heart of a growing tech industry.
The philosophy behind Hushmail is that creating the best secure emails does not need to be complicated, nor does it need to be intimidating. Their idea has been that in order to limit cyber security risks, measures employed must be effective, be accessible, and people need to feel like they can actually use them.
Ben Cutler has served as the company’s CEO since 2001, and Brian Smith serves as the company’s chief technology officer. Brian was one of the creative forces behind the technology that powers Hushmail.
Hushmail believes that security is the most important feature an email service can have. The free side of the service does not have many of the features or functionality that other web-based email clients offer.
Hushmail scans incoming emails and checks them for viruses. It provides you the ability to blacklist domain names and individual email addresses.
Hushmail does not have ads in its inbox. It offers POP3 access, meaning that your email is accessible from third-party services. This means that you can access Hushmail via your smartphone’s email app. Hushmail only offers a plain text message composer.
If you use your email every day, you might not be bothered by this, but Hushmail does require that you login at least once every three weeks to keep your account active. If not, Hushmail will deactivate your account automatically. This can get annoying fast.
- You don’t get ads in the inbox
- POP3 access
- Free version
- If your account is inactive for three weeks, it gets deactivated
- No spell checker
Q: Is Gmail a secure email?
A: Gmail has more than a billion users around the world. It is one of the most popular email service providers on the planet. Understandably, there is concern about security. Gmail allows you to login from any location and use whatever device you want.
This makes it possible to log into unencrypted networks and expose your personal data and privacy. Gmail has default settings that offer fairly robust security. However, learning about advanced security options, including SMTP over TLS (STARTTLS), will allow you to make Gmail more secure.
Q: Can I send an email with Gmail?
A: Yes. Gmail supports S/MIME. This is available with the paid Gmail account. It is not available if you are using a free account. S/MIME will only work if both the sender and the receiver are using a service that supports it.
Gmail has hinted that they are interested in adding end-to-end encryption on all of their email services. This hasn’t happened yet, and since they’ve been promising this since 2014, we’re not holding our breath.
Q: How can I password protect a Gmail attachment?
A: Click Compose to begin a new email. On the bottom right of the window, click Turn on Confidential Mode. There you are able to set an expiration date and a password.
Q: Can an email be hacked?
A: Yes. For example, researchers in Europe discovered security flaws that allow email to be hacked if the encryption used is PGP and S/MIME.
Q: How do I know if my email has been hacked?
A: Your first clue will usually be that your contacts inform you that they have received strange emails from you. It may be asking them for sensitive information, etc. Tell them to send a photo of it to you. If you did not send it, it’s likely you have been hacked.
Email is a trusted form of communication. It is where you share private information with those you trust. This is why, email is a legitimate target for hackers. Free email accounts encrypt your messages.
Related: Best Encrypted Chat Programs
Many of them do a good job of filtering out spam. Still, we do not feel that free web-based email clients are the safest way for you to communicate.
STARTTLS is a common form of email encryption. If both the sender and the recipient are using applications that support this type of encryption emails can be sent.
Public-key infrastructure or PKI is key to email encryption. It is what allows one to use technologies such as digital signatures and encryption. In addition to being used in emails, it is at the heart of e-commerce, and it will have a greater role in the Internet of things.
The need for email, and other forms of cyber security software like a VPN, will continue as long as there are malicious individuals who use things like ZeroAccess and other forms of malicious malware to infect operating systems and cause damage to innocent victims.
Don’t forget that while encrypted email provides an extra layer of protection to your personal data, your internet traffic still isn’t encrypted. We suggest you learn more about the best Canadian VPNs you can afford, and protect yourself and your home from potential attackers. If you speak French, you can take a look at Meilleur VPN.
Email is an attack vector, but so is your browsing data. Always remain vigilant to the sites you visit, get an encrypted email service, and get a good VPN like NordVPN or Surfshark. You’ll save yourself a lot of pain the future.
You Can Also Take a Look at: