Choosing the best email encryption solution for your business is crucial. In this review, we will be comparing Egress and Mailock for their secure outbound email capabilities.
There are many ways to review and compare secure email or email encryption solutions. Each company will have different priorities in terms of security, user experience, and integration with other tools.
In this review, we compare Egress and Mailock for their secure outbound email capabilities, based on:
|
Egress |
Beyond Encryption Mailock |
|
| Outbound email security |
|
|
| User interface and experience |
|
|
| Integrations and ecosystem |
|
|
| Cost and customer support |
|
|
Egress' Intelligent Cloud Email Security Suite uses patented self-learning technology to detect inbound and outbound threats and prevent data loss. It is designed to reduce human-activated risk.
Its Prevent and Protect tools enable businesses to send encrypted emails from Outlook or M365 preventing email mistakes and misfires. It also offers some automation capabilities for the delivery of secure email to customers at scale.
Mailock empowers businesses and customers to exchange sensitive information using email with the confidence that only the right people can gain access.
By combining high-strength encryption with the ability to authenticate recipients, organisations are able to record proof of delivery while taking advantage of all the benefits of email.
Mailock works as a web app, Outlook integration or secure email gateway (cloud/on-premise) and is designed to support high-volume delivery using automation.
Egress is a solid tool for encryption and data loss prevention with basic authentication capabilities.
Egress uses military-grade end-to-end AES-256 encryption to protect confidential emails from interception.
This can be applied by individual users, from their Windows Outlook ribbon bar, or by administrators using M365 rules.
Egress also offers limited recipient authentication. Users can set question-and-answer challenges (the example provided on their website is "what's your date of birth?") that recipients must answer correctly to gain access.
However, no SMS challenge is available for securing individual messages. Instead, administrators can require accounts accessing information in their company's workspace to use SMS authentication to sign in to their Egress account.
Creating or signing into an Egress account is a requirement for anyone who wishes to read, download, or reply.
Egress' focus on human-activated risk is realised through a machine learning program that analyses email contents and recipients to detect anomalies that could present a threat. It then prompts users to send an email securely if it contains confidential information.
This 'black-box' approach is similar to how your email provider (e.g., M365) detects suspicious activity, and it works out of the box.
Of course, this approach does have the risk of creating a false sense of security, with users coming to rely on the machine to tell them if their email might need to be secured.
As administrators have no way of knowing what and how the machine is learning, they may find it difficult to relinquish control over their users' data protection behaviour.
If an email is sent unsecured, and it should not have been, users and administrators can revoke it using their audit log. This is unilateral and works regardless of a recipient's infrastructure. Audit logs also show send and access timestamps for each securely sent email.
Egress offers configurable access privileges (such as 'do not forward', 'do not print', and 'disable download'), which M365 users will be familiar with.
As with M365's email access privilege settings, users and administrators can configure access granted to the recipients of secure emails. For organisations with complex security policies that require it, this feature will tick the right box.
However, most people will be aware that there are relatively easy ways to bypass these controls. They should be seen more as a lightweight barrier than complete prevention.
As we mentioned earlier, recipients of an Egress secure email must create an Egress account to read it and download any attachments.
If a question-and-answer challenge has been set, they'll need to pass the challenge after they sign into their account before they can do what they need to with the secure email they've been sent.
The requirement to create an Egress account to read an email could be slightly frustrating for people who would prefer easy access to important information they've been sent, but it does come with benefits.
A free Egress account will allow recipients to send secure emails to 25 people each month (note: cc'd recipients of a single email use up multiple email send credits). This may help them to keep the information you send them protected if they need to share it with anyone else.
Taking a look at their Trustpilot reviews, it's clear that there have been some frustrations with Egress' user experience in the past. Though the interface has improved, the restriction on end recipients to create an account for read access may be too much of a barrier to use.
Another potential issue could be the use of the .htm format for attachments. This often leads to emails being blocked by email filters or marked as junk. As Egress grows in usage, it may be that email filters will learn to trust the format when sent with Egress' security.
Egress integrates with Microsoft 365 and offers a Windows Outlook add-in for users' desktops.
This is simple to deploy, though the configurable access privileges users will have to choose from in Outlook may be confusing, and it is worth covering them first in a training session.
The Outlook add-in functionality includes:
As yet, Egress offers no single-sign-on (SSO) integration for users to easily authenticate their ID.
In terms of its ecosystem, Egress is a multinational security company with a range of products built around data security. Secure email is one of many products ranging from inbound to outbound protection.
The ability to integrate seamlessly with its secure workspace, form, and phishing products could be a strong reason to choose Egress. However, as secure email is not the organisation's main focus, it must be taken into account that feature requests could be acted on infrequently.
Egress provides a guide cost of £90 per user per month. The cost-per-user reduces with scale. You can contact the team for an estimate.
Egress' combined support desk for their product suite receives enquiries from all over the world. Their customer review score on Trustpilot is 3.3 out of 5 stars. However, the extent to which this is due to users' experience of Egress' products as opposed to service is unknown.
"We are an Egress Partner (Reseller) - If our experience is bad, I hate to think what it is like for an end-user. I can never get hold of anyone over the phone."
Mailock is perfect for organisations that need to send confidential information securely to the right recipients without friction.
Mailock uses military-grade end-to-end AES-256 encryption to protect confidential emails from interception.
Users can secure individual emails sent from the Windows Outlook client, and administrators can use keywords and M365 rules to apply outbound security on a company-wide basis.
To make sure sensitive information always reaches the right person, Mailock offers multiple authentication challenges. They include:
These unique identity challenge processes can be applied by users or administrators. They offer robust protection that ensures sensitive misdirected emails remain encrypted regardless of whether an unauthorised party can gain access to a recipient's inbox.
Mailock provides default sets of keywords that trigger emails to be encrypted or surface prompts asking users if they want to send a message securely.
These default sets can be edited by administrators to customise Mailock to their information security policy. Administrators can also set rules using M365 to secure particular types of emails.
This transparent, or 'clear box', data loss prevention (DLP) approach gives organisations complete control over the initiation of a secure email and 'before you send' warnings. However, administrators should regularly review these keyword sets to make sure they are kept up-to-date.
For misfired emails, Mailock has the capability to audit and revoke secure emails both at the user and the administrator level. As with Egress, Mailock's revoke function is immediate and unilateral.
One of the key reasons businesses choose Mailock is so that their recipients can read secure emails and download any attachments without needing to register for an account.
If an authentication challenge has been set, the recipient will need to complete it, then they can read their message and download any attachments like they would with a normal email.
Recipients can create a Mailock account to reply securely. This is a quick and easy process that will give them 5 free secure emails each month to send to anyone else (note: send credits are per email, not per recipient, so a single email with multiple people cc'd uses up one credit).
Mailock prioritises a smooth user experience over complex tiered access privileges (e.g., do not forward, do not print, disable download).
Recipients have a consistent experience with secure emails every time; senders are not overloaded with decisions to make before sending. Once recipients have access, they have full access, just like a normal email.
The delivery of attachments in their original format, and the fact that the system is well established in the financial sector, means Mailock secure emails bypass junk and 'suspicious email' filters reliably.
Mailock integrates with Microsoft 365 and offers a desktop Outlook add-in for user controls. It is simple to deploy and manage, and desktop users won't have a problem navigating the options.
The Outlook add-in functionality includes:
If you're an organisation that regularly deals with financial services professionals, you'll be happy to know that an integration with Unipass ID is available. This makes it easy for financial services professionals (for example, advisers) to verify their identity using Unipass.
Mailock is the flagship product in a tri-product ecosystem from Beyond Encryption, which also includes authentication and smart admin solutions.
Beyond Encryption has built a reputation for making secure customer communications easy. If you are a customer-facing organisation, the ability to integrate seamlessly with our other customer engagement tools will benefit you if you choose Mailock.
Mailock starts at £9.30 per user per month for an individual account and £84 per user per year for an enterprise organisation. Cost-per-seat reduces with scale and volume-based pricing is also available.
"Your representative was very friendly and helpful. She was willing to do that bit extra to make sure my issue was resolved."
— Sasha, Financial Adviser
Beyond Encryption has a dedicated Mailock support desk based in Hampshire, UK, with an average rating of 4.9 stars out of 5.
Every organisation has different requirements when it comes to choosing a secure email solution for them, but in a nutshell...
Egress offers Q&A authentication only and requires recipients to create an account. It takes a 'black box' approach to DLP and has a combined product support desk.
Mailock offers Q&A, SMS, and Unipass authentication, is easy-to-use for senders and recipients, takes a 'clear box' approach to DLP and has a dedicated UK support desk.
Sabrina McClune, 18.06.24
Sam Kendall, 18.06.24