Email security and data encryption are not a hype, or a means to provide sales for software security businesses. Encrypting your messages and attachments is vital if you want to protect yourself against hackers trying to gain access to your information.
Whether you use Gmail or Outlook, sending emails is still a huge security risk that needs to be eliminated. How? By choosing truly secure email providers over mainstream email providers at any time.
What is secure email?
Over the last couple of years, email has become a significant security risk to governments, companies, and individuals. The popularity of secure email providers has grown drastically. So what makes secure email providers different from regular email?
Gmail and Outlook secure? Think again. Most major and free email providers such as Gmail like to consider themselves safe and secure, but the truth is they aren’t. A genuinely secure email provider encrypts your data, making it impossible for them and third parties to read your email conversations.
Secure email providers are open source-based, allowing other security providers to inspect their software. These services don’t profile you, don’t log your metadata, and don’t sell your data to third parties.
Mainstream email providers such as Gmail or Outlook fall short of all these categories. While Gmail does encrypt the connection between your computer and the server, it neglects to encrypt your information when it reaches its destination. Therefore, all your messages will end up on Google’s servers, ready to be read or grabbed by anyone who performs a successful data attack.
This lack of end-to-end encryption is not only undesirable if you want to ward off malicious third parties, but it also means Google can get access to the contents of your inbox. This access means Google scans messages for advertising purposes.
End-to-end encryption is key
Secure email providers disguise the content of an email message to protect the potentially sensitive information it contains. They make sure that the information within the message can only be read by the intended recipient.
How does end-to-end encryption using a key work?
Your email is transformed into an encrypted puzzle that needs a key to be unlocked. This authentication key ensures that none other than the recipient can get access to the contents of your message. No hacker who intercepts it can do anything with its contents, and all valuable attachments are un-accessible.
Advantages of encrypted email
Email is especially vulnerable to security problems because messages are sent over various (public) networks that are not always as safe as you’d want them to be. Encrypted emails of secure email providers help you protect sensitive data, such as social security numbers, login credentials, and bank account numbers.
They also help web-based email services such as Gmail to enhance their cybersecurity by blocking hackers who want to infiltrate their systems via email accounts. Hackers often use non-secure networks to capture an entire email inbox, which could lead to significant problems. You want to keep those threats at bay, and using a secure email provider with a secure email environment is a way to do so.
How to keep your email account safe?
Message encryption is key if you want to safely send and receive emails. While using an encrypted email service can help keep your data secure, you can also take other security steps to make sure your data remains safe.
- Secure passwords are the first line of defense. Always make sure you use a variety of letters, numbers, and symbols. Combine capital and lowercase letters and avoid any recognizable words to be on the safe side. Always use a unique password.
- Another step is using security questions. If your password is compromised, security questions offer an added layer of defense. Just make sure the answers to the questions are fake or not easily unraveled.
- Secure Socket Layers (SSL) create a secure link between a web server and a browser. You can quickly check if the link is secure by checking the web address. If that starts with HTTPS rather than just HTTP, it means you’re working in a secure environment where SSL encryption is active.
- Use two-factor authentication whenever possible. The best way to keep your email account secure is to use two-factor authentication. Preferably through an app like the Google Authenticator app. Using a two-factor authentication based on text messages is less secure, as your phone number can be hijacked.
How to encrypt an email?
Some secure email providers integrate tools such as Pretty Good Privacy (PGP). This protocol lets you lock the contents of your message and provides a secure key to the intended recipient. That way, the recipient is the only one who’s able to unlock and read your message. If unwanted parties without the key intercepted the message, the contents would be unreadable and look like gibberish.
PGP mixes up the contents of an email, so it becomes a puzzle that only you and the recipient can solve using a key. Decrypting the message without the key is impossible.
Each person has a public and a private key in the form of a digital code. The public key is stored on a key server and can be accessed by anyone who wants to encrypt and send an email. The private key is stored safe and private on the recipient’s computer, and only that person has access to it.
The safest email providers
Secure email services are your safest bet of keeping your email communications untraceable. Most of these services provide end-to-end encryption, automatic deletion of emails, blocked IP addresses, and password protection of your email account.
When it comes to data security, it’s always best to go with an established secure encrypted provider. Two of the best services available are Protonmail and Tutanota. Security-wise, you are safe with either one of them. It's one of the best secure and free email providers.
Protonmail and Tutanota have a solid track record when it comes to end-to-end encryption, and both keep you safe and sound, even amidst non-users. They also both use a zero-knowledge infrastructure, meaning not even they can read or use your messages.
- ProtonMail: is ProtonMail safe? Yes, this is one of the most popular encrypted providers, and rightly so. ProtonMail encrypts their data on servers in Switzerland, which has one of the strictest privacy laws in the world. ProtonMail is built on open source technology, which is crucial for ensuring the highest levels of security because these kinds of software are open to the world’s security experts for inspection. One of the reasons ProtonMail scores so well on anonymity is because of the specific support for Tor that comes with the deal. ProtonMail doesn’t store IP addresses and it integrates PGP for a full-on security experience. They don’t ask for personal data when you sign up, and they offer a free account of 500MB per month.
- Tutanota: this is another highly recommended secure email provider. Their feature-set is vast, and they audit their service regularly to make sure users can trust its protections. Tutanota’s servers are located in Germany, and their service is built on several open-source foundations. Although they offer the same top-notch end-to-end encryption as ProtonMail, they take it one step further by encrypting more sections of your email and inbox, like your calendar and address book. They also provide a zero-knowledge text search, meaning no one at Tutanota can see what you search for in your emails.
Would you like even more options? Check our article on anonymous email services.
How to send a secure email in Gmail?
End-to-end encryption is essential in any email system. A secure provider will encrypt data on the server, making it useless to third parties who intercept the message. Did you know you can even send secure texts using Gmail?
Do you want to encrypt email with PGP in Gmail? Then use the FlowCrypt Chrome Extension to secure all your emails and attachments on Gmail with end-to-end encryption. This Chrome extension works flawlessly, and it integrates seamlessly with your Gmail account using OpenPGP.
FlowCrypt is easy to use and sets up in a few clicks. It adds a ‘Secure Compose’ button to Gmail, making it possible for you to send and receive private PGP encrypted emails and attachments whenever you want to. What’s more, it enables you to digitally sign your messages to ensure the recipient that the email is genuinely yours.
How to send a secure email in Outlook?
We’ve collected the best three ways to send encrypted emails in Outlook:
- Gpg4o: this is an Outlook Add-in that implements the OpenPGP standard through GnuPG. It integrates seamlessly with Outlook 2010-2016 and guarantees the privacy of all your mail correspondence using end-to-end encryption. The set-up is easy, and the user experience is also very intuitive with all the latest features for the best security. They offer a free version for no commercial use. Support is only available for pro users.
- GpG4win: this solution for Windows computers doesn’t just offer email encryption but a whole suite of tools. For example, you can use it for file encryption directly in the file explorer as well. All tools are free of charge. Help and support are given through their community. GpG4win uses GnuPG public-key cryptography for data encryption and digital signatures.
- p≡p: Pretty Easy Privacy is a cross-platform implementation of the Open PGP standard. p≡p offers automatic encryption, which makes it an easy tool to work with for the end-user. The email encryption is available for Microsoft Outlook on Windows as well as Android phones. If you use it as an Android app, it’s free of charge. When you use it as an Outlook Add-in, it will cost you 25 Dollars. Help and support are available over email.