Email is now an essential communication path between business and client. So, how do you know what kind of email service to choose for your business? Do you choose a free email provider or a paid email service?
Both styles of email providers come with advantages and disadvantages. Where the free provider is weak, the paid provider is strong, and vice versa. Understanding these strengths and weaknesses can help you choose the best email service style for your business.
In this article, we outline
For over 25 years, WEBIT Services has helped hundreds of clients develop IT strategies, find IT solutions, and reach their IT goals.
By the end of this article, you will learn about the pros and cons of free and paid email services to help answer the question, "Should my business use a free or paid email service?"
The 3 benefits of free email services
1. It's free!
Free email services do not require payment for licensing, adding users, or for many of their features.
2. Free email is easily accessible
Free email services are easy to access both through desktop computers and mobile devices.
Services like Gmail and Outlook.com (not to be confused with Microsoft 365's Outlook—a paid email service) also have mobile apps to check your email smoothly from your smartphone or tablet.
3. It's easy to create new accounts and add users
Creating new, free email accounts is typically relatively straightforward. Simply sign up, choose an available email address, and activate your account.
The 5 disadvantages of free email accounts
1. Free email services are not HIPAA compliant (and may not meet other industry compliance standards)
If you're working in the medical field, you should not use a free email service because they are not HIPAA compliant.
HIPAA requires subcontractors and service entities(i.e., email providers) to provide a business associate agreement (BAA) when working with a healthcare provider. This document signifies that both the healthcare provider and service entity will take the necessary precautions to protect patient information.
Free email services do not offer BAAs because they do not offer the tools or abilities to track information and account use in depth.
IT compliance reaches beyond the healthcare industry. If your business must meet industry compliance standards, speak with your lawyer or compliance specialist to verify whether or not your email provider is compliant.
2. Free email addresses are harder to verify and easier to "spoof"
When you use a free email account, your email address will end in the services' domain. For example, when users sign up for a free Gmail account, their emails will always end in "Gmail.com," not "Mydomain.com."
Free email accounts are without Sender Policy Framework (SPF) and DomainKeys Identified Mail (DKIM) DNS records, which give emails unique domain names (@free-email.com vs. @mybusiness.com). SPF and DKIM records verify that email messages came from your business email account.
Without SPF and DKIM records, messages sent from free email accounts can't be verified by those sending or receiving them. They may also automatically end up in Spam folders instead of Inboxes.
In addition, free email services' generalized domains make it very easy for a cybercriminal to copy your email address and send malicious messages posing as your business.
For instance, let's say your email account is "Businessl@free-email.com" and your client receives an email from "Business1@free-email.com." Will they know it's not you? Or do the addresses look so similar that your client won't see the difference?
3. Breaches in free email accounts are harder to track and verify
Because free email accounts all have the same domain name, it's incredibly difficult to identify which accounts cybercriminals breached.
Free email providers have a massive user pool and often lack the tools to identify specific breaches.
So instead, you may receive a message like, "We believe X accounts may have been compromised. Please change your password if you think your account has been compromised."
4. Free email services are incompatible with email security tools
Free email services are often incompatible with email security tools like phishing reporting, advanced spam filters, and forensic tools to track use and potential breaches.
Essentially, your email security is limited to free security features and good email user habits (i.e., not clicking suspicious links or attachments).
While this may be fine for a personal account, it can present significant security risks for a business account.
For example, if one of the free email accounts for your business is hacked, you cannot:
- Stop the compromised address from sending spam or phishing emails to clients or other users.
- Track which address was compromised.
- Track what actions led to the breach.
- Alert your clients of the breach, compromised account, or other vital information.
Due to these limitations, it is virtually impossible to perform cybersecurity audits with a free email provider.
In fact, if a client requests a security audit or your industry's compliance requires security audits, using a free email account will result in audit failure.
5. Free email providers cannot create shared inboxes
Businesses often like to utilize shared inboxes so that groups of users can all see or access specific emails. Unfortunately, free email accounts only support a single user and password.
For example, your sales team may all need access to a "email@example.com" or "firstname.lastname@example.org" email. You want messages sent to this single address to go to each sales team member or allow each member access to the inbox.
With a free email account, you can create the email "email@example.com," but you cannot add new users to that account or assign delegate accounts.
Emails sent to this inbox will stay there alone and will not automatically be accessed by multiple users.
While this may not be an issue initially, what happens if the team member managing that account leaves? How do you decide who accesses and manages that account?
The 5 benefits of paid email services
As we said previously, the weaknesses of free email services are the strengths of paid email services.
1. Paid email services are industry and HIPAA compliant.
Paid email services provide a BAA, making them HIPAA compliant.
They also include the ability to monitor and verify messages sent and received by that domain, which can support auditing.
2. Paid email services are easier to verify and harder to "spoof"
Paid email services provide SPF and DKIM DNS records, giving your email accounts a unique domain name. This makes it harder to copy or fake emails from your business.
- Breaches are easier to track and verify
When you are emailing from a unique domain name (i.e., @mybusiness.com) and a breach occurs, the information is specific.
As a result, your pool of users is more limited, and your domain is more controlled. Therefore, breaches can be traced and isolated with relative ease.
4. Paid email accounts are compatible with several security tools
Paid email accounts are compatible with the following:
- Spam filters - tracking spam coming into and going out of your account.
- Phishing reporting tools – allowing users to report and identify harmful emails
- Forensic tools – tracking breaches and email use
These tools allow users to protect company and client data. They are also compatible with security audits, allowing auditors to view email use and practices.
While email security tools cannot replace good email user practices, they are an invaluable resource for breach prevention.
5. Paid email providers allow shared inboxes
Paid email providers can create shared inboxes or assign delegated users to access shared inboxes. This way, an entire team can smoothly access and send messages from both the team account and their individual email addresses.
The 3 disadvantages of paid email services
1. There's a cost to create accounts
Paid email services do come with a bill. To create an account and add users, you must buy a license or pay a subscription fee.
2. Paid email service may or may not be easily accessible on mobile devices
Depending on where you bought your email service, it may be slower or more difficult to access on mobile devices.
However, the most popular paid email services have both desktop and mobile apps for easy use.
When signing up for a paid email service, you may want to verify how it interacts with mobile devices.
3. It can be tricky to add users
As mentioned in point 1, paid email providers require new license purchases for each new user. This process is a little more complicated than when signing up for a free service, but it is a task your IT provider or IT team can perform with ease.
Next steps for choosing your email service
As you decide on a free or paid email service for your business, ask yourself the following questions:
- Do I have a budget set aside for email?
- How important is it that my email service follow a compliance standard?
- How important is it that my domain is unique?
- How important is it that I can track email use and email breaches?
- How important is it that my email service is compatible with additional security tools?
- Do I need or want shared inboxes for my company's individual teams or departments?
A free email service would likely meet your business's needs if you answered "Not that important" to most of these questions.
However, if you answered, "It's very important," you should look into a paid email service.
Talk to your IT provider or internal IT team to discuss the best email provider to meet your needs. IT teams specialize in the different services, tools, and budgets offered by various email services.
WEBIT Services has helped hundreds of clients in the Chicago area find the IT tools and services to reach their IT goals.
If you are looking for a new IT provider, schedule a free 30-minute consultation to see if WEBIT can help.
If you're not ready to make a commitment but would like to learn more about IT business questions and solutions, we recommend the following articles: