Egress vs Mailock: Secure Email Comparison And Review
Article
10 min

Egress vs Mailock: Secure Email Comparison And Review

Posted by Picture of Team B.E. Team B.E.

Choosing the best email encryption solution for your business is crucial. In this review, we will be comparing Egress and Mailock for their secure outbound email capabilities.

There are many ways to review and compare secure email or email encryption solutions. Each company will have different priorities in terms of security, user experience, and integration with other tools.

In this review, we compare Egress and Mailock for their secure outbound email capabilities, based on:

  • Outbound email security: The most important features to consider when you're looking at secure email solutions are encryption strength, data loss prevention prompts, and authentication capabilities.
  • User interface and experience: Any system you use to communicate with customers must put user experience first and should avoid introducing unnecessary friction and compromising operations.
  • Integrations and ecosystem: How a solution integrates with your current infrastructure, and the other tools available in its ecosystem, will help you to see if it can be deployed easily and for the long term.
  • Cost and customer support: Cost should never trump security, but it's a factor. And, so is the ongoing support you'll receive.

Egress vs Mailock: Comparison And Review At A Glance

 

Egress
Intelligent Email Security

Beyond Encryption
Mailock
Outbound email security
  • End-to-end AES 256-bit email encryption
  • Limited recipient authentication (Q&A or Egress account sign-in)
  • 'Black box' approach to data loss prevention prompts (machine learning)
  • End-to-end AES 256-bit email encryption
  • Flexible recipient authentication (Q&A, SMS, Unipass ID)
  • 'Clear box' approach to data loss prevention prompts (trigger words)
User interface and experience
  • Unregistered recipients must register to read
  • Configurable privileges (e.g. restrict forwarding or downloading)
  • 25 credits/month for free users (1 credit = 1 recipient)
  • Unregistered recipients can read without signing up
  • Simple access privileges (i.e., works like a normal email)
  • 5 send credits/month for free users (1 credit = 1 send)
Integrations and ecosystem
  • Integrates with Microsoft Outlook and 365 for desktop functionality
  • No single-sign-on (SSO) available - users must log in with Egress credentials
  • Multi-product ecosystem including 296 outbound and inbound email and data security products
  • Integrates with Microsoft Outlook and 365 for desktop functionality
  • Integrates with Unipass ID single-sign-on (SSO) for financial services users
  • Tri-product ecosystem built around a specialisation in secure communications - Mailock is the flagship
Cost and customer support
  • User or volume-based pricing, negotiable at scale - guide cost is £90/user/year
  • Combined support desk for its 296 security tools
  • User or volume-based pricing, negotiable at scale - guide cost is £84/user/year
  • Dedicated support desk for Mailock secure email

Overview of Egress and Mailock Solutions

What is Egress?

Egress' Intelligent Cloud Email Security Suite uses patented self-learning technology to detect inbound and outbound threats and prevent data loss. It is designed to reduce human-activated risk. Its Prevent and Protect tools enable businesses to send encrypted emails from Outlook or M365 preventing email mistakes and misfires. It also offers some automation capabilities for the delivery of secure email to customers at scale.

What is Mailock?

Mailock empowers businesses and customers to exchange sensitive information using email with the confidence that only the right people can gain access. By combining high-strength encryption with the ability to authenticate recipients, organisations are able to record proof of delivery while taking advantage of all the benefits of email. Mailock works as a web app, Outlook integration or secure email gateway (cloud/on-premise) and is designed to support high-volume delivery using automation.

Egress email security

Egress is a solid tool for encryption and data loss prevention and has basic authentication capabilities.

Outbound email security

Egress uses military-grade end-to-end AES-256 encryption to protect confidential emails from interception.

This can be applied by individual users, from their Windows Outlook ribbon bar, or by administrators using M365 rules.

Egress also offers limited recipient authentication. Users can set question-and-answer challenges (the example provided on their website is "what's your date of birth?") that recipients must answer correctly to gain access.

However, no SMS challenge is available for securing individual messages. Instead, administrators can require accounts accessing information in their company's workspace to use SMS authentication to sign in to their Egress account. Creating or signing into an Egress account is a requirement for anyone who wishes to read, download, or reply.

Egress' focus on human-activated risk is realised through a machine learning program that analyses email contents and recipients to detect anomalies that could present a threat. It then prompts users to send an email securely if it contains confidential information.

This 'black-box' approach is similar to how your email provider (e.g., M365) detects suspicious activity, and it works out of the box.

Of course, this approach does have the risk of creating a false sense of security, with users coming to rely on the machine to tell them if their email might need to be secured. As administrators have no way of knowing what and how the machine is learning, they may find it difficult to relinquish control over their users' data protection behaviour.

If an email is sent unsecured, and it should not have been, users and administrators can revoke it using their audit log. This is unilateral and works regardless of a recipient's infrastructure. Audit logs also show send and access timestamps for each securely sent email.

User interface and experience

Egress offers configurable access privileges (such as do not forward, do not print, and disable download), which M365 customers will be familiar with.

As with M365's email access privilege settings, users and administrators can configure the access granted to the recipients of secure emails. For organisations with complex security policies that require it, this feature will tick the right box. However, most people will be aware that there are relatively easy ways to bypass these controls. They should be seen more as a lightweight barrier than complete prevention.

As we mentioned earlier, recipients of an Egress secure email must create an Egress account to read it and download any attachments.

If a question-and-answer challenge has been set, they'll need to pass the challenge after they sign into their account before they can do what they need to with the secure email they've been sent.

The requirement to create an Egress account to read an email could be slightly frustrating for people who would prefer easy access to important information they've been sent, but it does come with benefits. A free Egress account will allow recipients to send secure emails to 25 people each month (note: cc'd recipients of a single email use up multiple email send credits). This may help them to keep the information you send them protected if they need to share it with anyone else.

Taking a look at their Trustpilot reviews, it's clear that there have been some frustrations with Egress' user experience in the past. Though the interface has improved, the restriction on end recipients to create an account for read access may be too much of a barrier to use.

Another potential issue could be the use of the .htm format for attachments. This often leads to emails being blocked by email filters or marked as junk. As Egress grows in usage, it may be that email filters will learn to trust the format when sent with Egress' security.

Integrations and ecosystem

Egress integrates with Microsoft 365 and offers a Windows Outlook add-in for users' desktops. This is simple to deploy, though the configurable access privileges users will have to choose from in Outlook may be confusing, and it is worth covering them first in a training session.

The Outlook add-in functionality includes:

  • secure compose option
  • auto-decrypt for secure emails
  • audit trails and revoke function
  • 'before-you-send' warnings
  • access privilege config
  • settings

As yet, Egress offers no single-sign-on (SSO) integration for users to easily authenticate their ID.

In terms of its ecosystem, Egress is a multinational security company with a range of products built around data security. Secure email is one of many products ranging from inbound to outbound protection.

The ability to integrate seamlessly with its secure workspace, form, and phishing products could be a strong reason to choose Egress. However, as secure email is not the organisation's main focus, it must be taken into account that feature requests could be acted on infrequently.

Cost and customer support

Egress provides a guide cost of £90 per user per month. The cost-per-user reduces with scale. You can contact the team for an estimate.

Egress' combined support desk for their product suite receives enquiries from all over the world. Their customer review score on Trustpilot is 3.3 out of 5 stars. However, the extent to which this is due to users' experience of Egress' products as opposed to service is unknown.

"We are an Egress Partner (Reseller) - If our experience is bad, I hate to think what it is like for an end-user. I can never get hold of anyone over the phone."

Jason, Egress Parter

Mailock secure email

Mailock is perfect for organisations that need to send confidential information securely to the right recipients without friction.

Outbound email security

Mailock uses military-grade end-to-end AES-256 encryption to protect confidential emails from interception.

Users can secure individual emails sent from the Windows Outlook client, and administrators can use keywords and M365 rules to apply outbound security on a company-wide basis.

To make sure sensitive information always reaches the right person, Mailock offers multiple authentication challenges. They include:

SMS: Send a one-time code to your recipient's mobile device.
Q&A: Ask your recipient a question only they could correctly answer.
Unipass ID: Allow financial professionals to verify their ID using Unipass.

These unique identity challenge processes can be applied by users or administrators. They offer robust protection that ensures sensitive misdirected emails remain encrypted regardless of whether an unauthorised party can gain access to a recipient's inbox.

Mailock provides default sets of keywords that trigger emails to be encrypted or surface prompts asking users if they want to send a message securely. These default sets can be edited by administrators to customise Mailock to their information security policy. Administrators can also set rules using M365 to secure particular types of emails.

This transparent, or 'clear box,' data loss prevention (DLP) approach gives organisations complete control over the initiation of a secure email and 'before you send' warnings. However, administrators should regularly review these keyword sets to make sure they are kept up-to-date.

For misfired emails, Mailock has the capability to audit and revoke secure emails both at the user and the administrator level. As with Egress, Mailock's revoke function is immediate and unilateral.

User interface and experience

One of the key reasons businesses choose Mailock is so that their recipients can read secure emails and download any attachments without needing to register for an account.

If an authentication challenge has been set, the recipient will need to complete it, then they can read their message and download any attachments like they would with a normal email.

Recipients can create a Mailock account to reply securely. This is a quick and easy process that will give them five free secure emails each month to send to anyone else (note: send credits are per email, not per recipient, so a single email with multiple people cc'd uses up one credit).

Mailock prioritises a smooth user experience over complex tiered access privileges (e.g., do not forward, do not print, disable download). Recipients have a consistent experience with secure emails every time; senders are not overloaded with decisions to make before sending. Once recipients have access, they have full access, just like a normal email.

The delivery of attachments in their original format, and the fact that the system is well established in the financial sector, means Mailock secure emails bypass junk and 'suspicious email' filters reliably.

Integrations and ecosystem

Mailock integrates with Microsoft 365 and offers a desktop Outlook add-in for user controls. It is simple to deploy and manage, and desktop users won't have a problem navigating the options.

The Outlook add-in functionality includes:

  • secure compose option
  • auto-decrypt for secure emails
  • audit trails and revoke
  • 'before-you-send' warnings
  • settings

If you're an organisation that regularly deals with financial services professionals, you'll be happy to know that an integration with Unipass ID is available. This makes it easy for financial services professionals (for example, advisers) to verify their identity using Unipass.

Mailock is the flagship product in a tri-product ecosystem from Beyond Encryption, which also includes authentication and smart admin solutions.

Beyond Encryption has built a reputation for making secure customer communications easy. If you are a customer-facing organisation, the ability to integrate seamlessly with our other customer engagement tools will benefit you if you choose Mailock.

Cost and customer support

Mailock starts at £9.30 per user per month for an individual account and £84 per user per year for an enterprise organisation. Cost-per-seat reduces with scale and volume-based pricing is also available.

Beyond Encryption has a dedicated Mailock support desk based in Hampshire, UK, with an average rating of 4.9 stars out of 5.

"Your representative was very friendly and helpful. She was willing to do that bit extra to make sure my issue was resolved."

— Sasha, Financial Adviser

Egress vs Mailock

Every organisation has different requirements when it comes to choosing a secure email solution for them, but in a nutshell...

Egress offers Q&A authentication only and requires recipients to create an account. It takes a 'black box' approach to DLP and has a combined product support desk.

Mailock offers Q&A, SMS, and Unipass authentication, is easy-to-use for senders and recipients, takes a 'clear box' approach to DLP and has a dedicated UK support desk.

Want to learn more about Mailock?

Return to listing