Across all industries, safeguarding sensitive data, especially within email communications, has become a priority. As email remains susceptible to various cyber threats, organisations are increasingly turning to secure communication solutions to protect sensitive customer data.
In this comparison, we take a look at the secure email services provided by Mimecast’s email security suite and Mailock, discussing their primary features and benefits, such as:
Outbound email protection: Important aspects to look for when assessing secure email solutions include the strength of the encryption, the presence of authentication and which types are available, and the capacity for email recall.
User interface and integrations: Incorporating a new solution into your organisation should be a smooth process that enables uninterrupted workflows. Possible integrations and ease-of-use are key contributing factors to ensure that businesses and end users receive the most from a solution.
Customer service and cost: Continuous support for the solutions you adopt can be a critical aspect for many businesses. The customer service a company provides, and the cost they ask in return for the use of their services, may be a deciding factor for many organisations.
At A Glance:
|Verification||None available.||Recipient verification with a choice of SMS, Q&A, email authentication, and Unipass authentication.|
|Message recall||Choice of preset message expiration, or manual message recall if the email has not been opened.||User-level email recall, available even when a message has been opened.|
|Free read-and-reply||Once logged in, a recipient can read and reply to an originating company.||Recipients can read without registering and can create an account to reply.|
|Read receipts||Read receipts available upon request.||Automatic read receipts and a full audit trail, detailing time opened, whether the attachment has been accessed, and recall status.|
|Integrations||Messages can be sent using Outlook, the Mimecast Personal Portal, or via the Mimecast mobile application.||Messages can be sent using Outlook or the Mailock secure web portal.|
|Branding||Users can customise the logo, colour scheme and name of secure emails.||Users can customise the name, logo and text of the recipient journey and notification emails.|
|Customer support||Free and paid support options available, rated 4.3 on Capterra.||Free support available, rated 4.8 on Capterra.|
|Pricing||Free licence available, with paid plans starting at £3.75 per user per month.||Free licence available, with paid plans starting at £9.30 per user per month (volume -based pricing available).|
What is Mimecast?
Mimecast is a cybersecurity company that specialises in email security and continuity solutions. With a primary focus on safeguarding businesses from the threats associated with email communication, Mimecast offers a suite of services designed to protect organisations against phishing attacks, malware infections, data leaks, and email system disruptions.
By utilising technologies such as machine learning and real-time scanning, Mimecast’s email encryption ensures that businesses can maintain a secure and uninterrupted flow of communication while adhering to regulatory compliance and data protection requirements.
Based in London, Mimecast serves a diverse range of companies across multiple countries.
What is Mailock?
Developed by Beyond Encryption, Mailock is a robust security solution for email communications, ensuring that confidential information is delivered to the right person. With a focus on outbound mail security, its primary features include end-to-end encryption, recipient verification, email recall, comprehensive audit trails, and bulk delivery.
Used by organisations across professional services, Mailock offers a range of licences to help both individuals and enterprises safeguard sensitive email communications while ensuring compliance with industry standards.
Headquartered in the UK, Mailock is the email platform of choice for the financial services and other regulated professional services including accounting and legal.
Mimecast Secure Messaging Service for Email
1. Email Security
Mimecast offers a range of security products, with their secure messaging service for email providing:
Mimecast’s AES-256 email encryption can be initiated manually by users or automated based on predefined criteria. This gives the system a degree of adaptability to implement security policies.
Predefined criteria that can be used to apply message security include the receiving domain or email address, or keywords found in the message content or subject line.
All messages have a 30-day expiration period. Organisations looking for robust audit trails for regulatory compliance may need to consider other solutions.
Mimecast offers several email recall options, including a manual message recall that can be triggered by the sender, and a preset expiration period that determines when the message becomes unavailable for the recipient to access. Manual email recall is only available if the recipient has not opened a secure message.
Mimecast also provides controls for printing and forwarding privileges, which can be applied by the sender individually or enforced using company-wide policies.
Currently, Mimecast only offers two-factor authentication to secure accounts and does not have any form of recipient authentication to protect individual messages.
Users must set a password for their account, which is then used universally, to access any secure emails they are sent. This leaves messages open to a number of password-based vulnerabilities.
Verifying your recipient is an important step in the secure email process, as it ensures your message is being read by the correct person. Simply encrypting a message does not protect sensitive messages from being accessed by the wrong person, especially if a threat actor has gained access to a recipient’s account, or if the sender accidentally sends an email to the wrong recipient.
Mimecast Suite users can request to receive a notification when the recipient reads a secure message. While this can be useful for determining whether important messages have been read, many organisations need access to full auditing capabilities to adhere to industry regulations.
While Mimecast does offer more in-depth monitoring within other packages, it is not a part of its secure messaging functionality.
With Mimecast Secure Messaging, users can add their corporate branding to outbound secure emails, including company names, colours, and logos.
Admins can create multiple branding sets and manage these within the administration console, enabling and disabling them easily. They can also choose to apply branding sets to secure messaging notifications.
2. User Experience and Integrations
User experience is a vital aspect of a new solution, for both the sender and the recipient. When analysing recent reviews for Mimecast, we find that user training for their products is extensive due to the complicated nature of their products.
“If you haven't thoroughly investigated the documentation and how the system operates, it can be a little complicated. To maintain everything functioning as intended, we must thoroughly comprehend the workings and limitations of the framework because it is so intricate.”
— Gartner Review
Users also report that the interface is vast and unintuitive, with a steep learning curve to become accustomed to the features. Overall, Mimecast has an average review rating of 4.4.
In terms of integrations, secure messaging can be initiated using Outlook, the Mimecast Personal Portal, or via the Mimecast mobile application. The messaging portal supports both user and/or policy-initiated security, with recipients able to access messages without the need to download software. It is worth noting that the desktop integration requires the manual insertion of trigger words to initialise the encryption process.
3. Customer Support and Pricing
With Mimecast’s secure email reported to be relatively complex, customer support would be a necessity for many. While they provide dedicated support resources, such as how-to articles, videos, and a community forum, users note that one-to-one support is difficult to work with and quite unresponsive – even when the support is additionally paid for.
“Even experienced admins will struggle with it, seek out support, and in many cases be rebuffed.”
— Gartner review
In terms of pricing, Mimecast offers the vast majority of its plans for organisations with 100 seats or more, although they have some options available for a minimum of 49 seats. This means that their solutions are unsuitable for small businesses.
Their plans start at £3.75 per user per month, with more extensive plans having undisclosed prices. They offer both a demo and a free trial, with customisable options available upon request.
Mailock Secure Email
1. Outbound email security
Mailock is a dedicated outbound email solution that safeguards confidential communications with an assortment of security tools:
Mailock employs end-to-end AES 256 encryption to ensure the security and confidentiality of messages and attachments transmitted through its system.
Message security can be applied in various ways, either by the sender or at the administrator level. This makes it easy to integrate the solution with existing workflows.
Mailock also incorporates an advanced key management system that ensures messages are only able to be decrypted by the intended recipient.
Mailock provides an additional layer of security by enabling its users to conduct authentication challenges. These challenges ensure the verification of recipients, reinforcing that only the intended individuals can access and read sensitive messages. This feature helps to prevent unauthorised access and makes sure that sensitive information doesn't fall into the wrong hands.
Mailock offers a variety of authentication processes, including:
SMS Authentication: Mailock users can automatically generate a unique numeric code that gets sent directly to the recipient's mobile device. Recipients must enter this code into the Mailock system to gain access to their secure message.
Q&A Authentication: Mailock users can pose a question to their recipient - a question that only the recipient would know the answer to. Once the recipient successfully provides the correct answer, they're allowed to read and reply to the secure message.
Unipass ID Verification : Particularly beneficial for financial professionals, Mailock offers a verification option using Unipass ID - a widely accepted digital certificate in the financial services sector.
By verifying that the recipient is the intended reader, Mailock significantly reduces the risk of sensitive information being intercepted or accessed by third parties.
Mailock users can easily retract any messages sent securely, blocking access to emails that were sent in error and preventing the unintended disclosure of sensitive information. This can even be completed once the recipient has opened a secure message.
Email recall can be conducted in a few clicks by users, via the Mailock Outlook add-in or the web app.
Senders of Mailock emails can decide whether to receive read notifications directly to their mailbox, which contains the recipient’s name and the time of opening. This feature can be switched on or off depending on business needs and allows users to be fully aware of when messages are opened by recipients.
Mailock also gives users a full audit trail, allowing them to view detailed information about each secure message they send, including whether attachments have been opened and the recall status of the email.
2. User Experience and Integrations
Mailock is known for its user-friendly design and straightforward implementation process, catering to a broad range of demographics and skill levels that ensures even those with minimal technical proficiency can utilise its features.
A particular focus has been placed on the Mailock recipient experience, which allows end users to read and download attachments from secure emails without the need to register for a free account - greatly simplifying the user journey and minimising potential barriers to use.
If a user wishes to respond to a secure message, they can easily sign up for a free account, which allows them unlimited replies. A free licence also has the benefit of providing 5 secure messages per month to initiate secure conversations with recipients of their choice, with one credit equating to one email and not one recipient.
To allow customers to continue with frictionless workflows, Mailock integrates with Microsoft 365 using a dedicated Outlook add-in. Users can compose messages as normal within the Outlook client, while securely sending them using the Mailock software.
3. Customer Support and Pricing
Beyond Encryption, the company behind Mailock, offers full support throughout the purchasing process and beyond, with an average customer rating of 4.9 out of 5. Potential customers are offered a one-to-one demonstration with a member of the Beyond Encryption team, with a two-week free trial available for users to experience the system's functionality first-hand.
“Problem sorted straight away and they even followed up to make sure everything was still working as it should.”
— Customer support review
Mailock offers three types of licences, with features and price points that cater to individuals, small teams, or large enterprises:
Free: This is suitable for users who need secure email services occasionally, granting them access to basic Mailock features such as email encryption, Q&A email authentication, integration with the Outlook add-in, and read notifications.
Pro: Aimed at professionals and teams, this licence begins at £9.30 per user per month. It includes all the features available in the Free licence, along with additional functionality such as SMS and Unipass authentication challenges, company branding, trigger words, audit trails, and the message recall feature.
Enterprise: Designed for high-volume data protection needs, the pricing for this licence varies depending on the chosen package. The Enterprise licence includes all the features of the Pro and Free licences, with users also having access to advanced delivery analytics, API control and monitoring, an option for on-premise or cloud deployment, and the capability for automated and bulk sending.
There is no minimum seat count for licence purchases, with plans being billed on a monthly basis, removing the need for businesses to be locked into lengthy contracts.
Mimecast vs. Mailock
Depending on your organisation, you will have different requirements and features that you will be searching for in a secure email solution. While both Mimecast and Mailock are suitable choices, let's summarise the differences between them:
Mimecast: Extensive branding options to personalise secure messages, a choice of email recall or pre-set expiration, and no forwarding/printing rules. However, there is a minimum licence count for customers, no recipient authentication capabilities available, and a steep learning curve for software use. To address some of its limitations, Mimecast’s suite of products can be complemented with other encryption solutions. They even provide a support guide for configuring 3rd-party encryption.
Mailock: Offers AES-256 encryption, a choice of recipient authentication, strong customer support, and caters to businesses of all sizes with flexible licence numbers and monthly billing. While the solution is predominantly used in regulated professional service industries, the depth of its features makes it a suitable solution for users in all industries.
18 09 23
Posted by: Sabrina McClune
Sabrina McClune is an expert researcher with an MA in Digital Marketing. She was a finalist in the Women In Tech Awards 2022. Sabrina has worked extensively with B2B technology companies conducting and compiling thorough academically driven research to produce online and offline media. She loves to read fantasy novels and collect special edition books.
Get live updates
Subscribe to our exclusive secure communications content for professionals in regulated sectors.