Should You Use Hushmail for Encrypted Email? | #emailsecurity | #phishing | #ransomware

Hushmail is a Canadian-based email provider founded in 1999. The company that runs it in turn is a subsidiary of a US firm.

Since its creation, Hushmail has adopted industry-standard encryption technologies like OpenPGP and TLA/SSSL for its secure email services. Currently, Hushmail is focused on serving the medical and legal industries and small businesses. Hushmail emphasizes their commitment to securing the privacy of your organization and clients’ information (in the case of businesses) but also stresses that they comply with Canadian warrants requesting data from the Canadian and US governments.

Here are some of its main features.

General Security Features of Hushmail

Hushmail uses OpenPGP encryptions, which also supports encrypted communication with non-users. To allow this, Hushmail does not send the email directly to the recipient; instead, it sends them a link to Hushmail to log in and view the message securely. Its encryption also allows Hushmail to use unique secure forms. Secure forms are used for various business types allowing clients to communicate with you and securely send you encrypted files (all plans include these). This is especially useful for healthcare companies that often require customers to complete sensitive questionnaires before scheduling visits or helping doctors diagnose a medical problem.


Hushmail uses zero-knowledge architecture. This means that Hushmail can’t decrypt your emails without your password. Your emails can only be decrypted with a Canadian warrant specifically requesting your data if there is a reasonable belief that a crime has been committed.

General User Features

Apart from its unique security features, Hushmail also offers a very simple user interface with standard email services. As with most user-friendly email providers, Hushmail allows you to create email folders, set up automatic responses, block senders, create email aliases, and set up two-factor authentication, and access 10GB of storage. Hushmail also supports POP/IMAP so that you can access your email and contacts in your program of choice (e.g. Outlook, Mail, or Thunderbird).

Hushmail’s import feature helps you to migrate your contacts from other email providers in CSV format. Another unique feature is its enhanced search of contacts. Hushmail’s contact search feature provides more information about each contact than the usual email provider. Instead of just a list of names and email addresses, Hushmail allows users to easily pick out specific contact information directly from the search tab without having to open each contact file to find particular data. This feature is especially useful for businesses with hundreds of clients.

So How Secure Is Hushmail?

Since Hushmail is Canadian, it adheres to Canadian privacy laws, which require the company to keep logs of activity and release information if a warrant is issued. The company can also access specific client data to ensure its services are not abused or used for illegal purposes. It is important to note that Hushmail is transparent about the data they can access under exceptional circumstances. Hushmail is also clear about how they protect stored data and records from hackers and malware. Apart from the government and Hushmail itself, data and emails remain well encrypted from anyone without your password

Support for Hushmail Users

Hushmail has a toll-free number that you can call 7:00 AM to 5:00 PM Pacific Time, Monday to Friday. Hushmail support is also available through email, which they take one business day to reply. Of note, telephone and email support is not available for free Hushmail accounts.They also have a Twitter, Instagram, and Facebook account where they regularly post on updates and tips to easier navigate Hushmail. You can also contact them through their Facebook account for support. You can also visit the Help section of Hushmail’s website to access over 100 articles for almost every query you will have.

What Are Hushmail’s Downsides?

Hushmail’s main security downside is that to make an account, Hushmail will record your IP address, and you will be required to give your current email address and confirm your phone number. Hushmail also keeps logs of site visitors’ IP addresses, your IP address, emails, credit card information, and billing address when you make payments. Records of activty are kept for up to 18 months at a time. This information is susceptible to data breaches and can even be transferred to third parties.

Another downfall is that emails are encrypted on Hushmail servers rather than on your own computer, making is possible for Hushmail employees to potentially read your emails, and since Hushmail uses OpenPGP encryption, it cannot encrypt email recipients and subject lines; Despite this, it still provides a robust encryption protocol for the body of your emails

Finally, unlike must email providers, Hushmail does not provide a calendar.

Pricing and Plans

Hushmail provides four main price options, depending on your intended use.

Hushmail for Healthcare

This plan is configured for HIPAA (Health Insurance Portability and Accountability Act Compliance is the process covered entities need to protect and secure a patient’s healthcare data or Protected Health Information). It also comes with a signed Business Associate Agreement, built-in email archiving, five encrypted email accounts, secure web forms, electronic signatures, and a private message center.

Hushmail for Law

Similarly to the healthcare plan, it allows you to send secure web forms, access a private message center, and send e-signable documents (for an additional +$4/month per user). The plan also allows you to have unlimited email aliases, create up to 100 email addresses that are automatically redirected to one of your accounts, and record all emails sent and received by all users in the domain.The main feature of this plan is that it includes a signed agreement to support the claim of attorney-client privilege in the U.S., Canada, and the U.K.

Hushmail for Law

Hushmail for Small Businesses

This plan allows for unlimited email aliases, up to 100 email addresses that are automatically redirected to one of your accounts, and send e-signable forms (for an additional +$4/month per user). The main difference with the Law plan is that it does not include access to a private message center.

Hushmail for businesses

Hushmail for Personal Use

Ideal for startups or freelancers, this plan includes the standard encryption features (listed at the beginning of the article), secure web forms, and 10GB of storage. However, this plan will only allow you to use Hushmail-provided domain names; if you want a custom domain name, you need to choose one of the business accounts.

Secure Your Email With Hushmail

Hushmail is a good secure email provider for businesses looking to safeguard their client’s information. Hushmail’s OpenPGP and TLA/SSSL industry-standard encryption technologies will secure client’s emails and personal information against most types of attacks. These features and certifications make it ideal for businesses dealing with sensitive data, such as healthcare and law offices. Yet, the price, lack of a calendar, mobile-app compatibility, and the fact that Hushmail employees can access your data, does not make it ideal for individuals who are looking for privacy and commodity. There are better options for personal use, which are cheaper or even free. This does not mean Hushmail is not good, it is simply built for businesses.


The 5 Most Secure and Encrypted Email Providers

Read Next

About The Author

Original Source link

Leave a Reply

Your email address will not be published.

8 + one =