Are your secure emails creating more friction than protection?
Harry Holland is our lead Product Manager at Beyond Encryption.
In this bonus episode of the podcast, he explains how we've made it easier than ever for regulated companies and their clients to adopt secure email, balancing security and compliance with ease-of-use to support operations.
Too often, security tools become roadblocks. Harry shares how advanced yet simple email encryption can align with client expectations, reduce digital friction, and build trust without compromising on commitments.
| You can watch this video on YouTube or listen to the interview on our podcast channel. |
Every new tool seems to ask for another account, another password, another step.
And research suggests people are tired of it.
Harry highlights that on average, we each manage access to around 118 digital portals throughout the year.
This digital fatigue drives resistance to new registrations and complex verification processes.
That’s why Harry's been working on a new Guest Reply feature for our secure email platform, Mailock - a way to let customers respond securely to encrypted emails without creating an account.
Harry explains that this product decision wasn’t just about convenience - it was about enabling two-way secure communication without compromising user authentication or compliance.
Regulated industries such as financial services need more than just good intent - they need encrypted channels that meet rigorous standards.
As Harry explains, security protocols like AES-256 encryption ensure the technical layer is solid.
But it takes more than encryption alone.
To satisfy compliance, Harry and his team need to layer authentication measures onto the Mailock platform without dismantling usability.
This includes recipient verification tools that confirm emails are accessed only by the intended recipient, supporting both security and regulatory confidence.
“Putting the user first” is at the core of these decisions, Harry says.
That philosophy prioritises seamless integrations, familiar behaviours, and intuitive touchpoints across all devices.
Staff often underestimate how risky email really is.
Many firms still lean on policy over technology, telling employees to avoid email for sensitive data rather than securing the emails properly.
The problem with that approach?
Customers still expect to receive important information via email.
And employees still make mistakes.
Human error remains the leading cause of data breaches, with misdirected emails topping the list.
This is why tools that secure the email channel itself - rather than relying on users to stay perfect - are so valuable.
"Human error is still the largest part of these data breaches, with misdirected emails being one of the main reasons for that."
Harry Holland, Beyond Encryption
Security needs to be strong, yes - but it also needs to be usable.
Harry compares current security expectations to logging into online banking.
Users are already familiar with two-factor authentication, one-time passcodes, and standard verification flows.
Designing secure email around those familiar experiences means users aren’t lost or intimidated.
Instead, they see the process as normal - just part of habitual everyday security.
This helps reduce the friction perception often associated with secure tech.
Harry adds that including things like onscreen progress indicators, tool tips, and device-agnostic interfaces helps strengthen compliance while keeping effort to a minimum.
Security is meaningless if users don’t engage with the tools they’re given.
That’s why adoption rates matter.
Harry shares how we now send millions of secure communications every year on the Mailock platform - with an average open rate of 77%.
That’s significantly higher than the industry norm.
Email portal open rates typically hover in low single digits.
This is especially notable because many users are from older demographics who aren’t traditionally seen as highly digital.
But the data shows they are participating - because the tool design supports them to do so.
"The numbers really do speak for themselves.
A 77% open rate really is high considering portal rates tend to be in the low single figures."
Harry Holland, Beyond Encryption
Email isn’t going anywhere anytime soon.
As Harry points out, over 360 billion emails were sent per day in 2023, and that number will likely climb to 400 billion daily emails by 2027.
So designing our secure comms infrastructure around email - rather than trying to push against it - remains a smart strategic play.
Meanwhile, as authentication standards evolve, those behaviours are becoming more normalised in society.
That means email security must keep evolving too - not just to stay secure, but to stay aligned with user expectations.
Harry confirms that his team will continue to follow these changes and adapt the Mailock platform accordingly.
Harry explains that the team's goal with Guest Reply, and across all their activities, is to open up secure communication to more people without turning it into a chore.
This matters because it leads to better outcomes for businesses, clients, and customers - higher engagement, better compliance, and more trust in every exchange.
Guest Reply enables Mailock secure email recipients respond securely without needing to register or create an account.
They allow firms to share sensitive data while meeting compliance requirements like GDPR or FCA guidance.
It is a military-grade encryption standard used to protect data from unauthorised access, used by Mailock to secure emails.
By designing tools around familiar behaviour, like mobile verification, and simplifying steps for users with clear flows and help prompts.
Device-agnostic design, intuitive UX, and no password creation help drive high engagement rates, even across older demographics.
Cyber Security Breaches Survey 2025, Department for Science, Innovation and Technology (UK), 2025
The Cost of Data Breach Report 2024, IBM, 2024
Know They User: Authentication Explained, Beyond Encryption, 2025
Digital Trust Survey 2024, PwC, 2024
Sam Kendall, 15.04.2025