In the universe of email and messaging, change is accelerating. The world of IT came up with a new marketable buzzword with earth-shaking repercussions: Unified Communications.
“Organizations often have complex internal routing requirements necessitating an internal e-mail backbone”
wrote Gartner Group in „Email is a Commodity and other Fairy Tales“ by Matthew Cain back in 2011. In 2013, Gartner called out “Sendmail’s unique position” in the market for mail servers. Not long thereafter, Japan-headquartered Proofpoint, Inc acquired Sendmail, Inc. with its MTA technology to bolster its position in enterprise security and messaging. Proofpoint, Inc is the maker of the Sentrion family of email appliances and cloud services.
On January 28, 2015, Amazon introduced a preview of WorkMail, a cloud-based mail solution (seen as an alternative to Microsoft Exchange).
Milter.org, once the largest open source resource center with a catalog of nearly 100 milters that can be used with either Sendmail or Postfix, has been shut down in 2015.
In 2015, Google hired Wietse Zweitze Venema who just happens to be the original creator of Postfix, the leading open source alternative to Sendmail that originated at IBM, is widely popular for its sophisticated simplicity, and is included in many Linux distributions of today.
Microsoft, having faced a mediocre acceptance for Exchange Server on Azure (mostly because of its steep hardware requirements in combination with the usual administration challenges), is pushing Microsoft Exchange Online as a Unified Messaging mailbox. Businesses, on the other hand, are frequently overwhelmed with the complexity of managing mail services for themselves, but unlike consumers, are facing an existential challenge of staying on top of their communications.
Despite all the commotion in the world of e-mail-turned-Unified-Communications, one thing hasn’t changed much: consumers still expect their e-mail to be a free service. The merits of email as a paid service are lost on individuals who are constantly confronted with a barrage of email services from competitors who are more than happy to give their offerings away “for free”. Consumers don’t see fit why anyone should pay for email because they don’t mind giving up some degree of privacy in exchange for easing the burden on their budgetary constraints.
Businesses, on the other hand, are actually willing to pay for email services in order to minimize the administrative burden of running their own mail servers. Even so, by outsourcing digital communications, many of them may be jeopardizing their long-term survival.
There are no free lunches.
There are no free lunches or the catch to outsourcing e-mail services
If you have ever used a Gmail account you know that creepy feeling that your mail service provider seems to know more about the contents of your inbox than even you do. Regardless of whether your bank has mailed you a new credit card, an order confirmation hit your email account or you are meeting with a realtor next week, Google is usually not only privy to this information but also not ashamed to use it in order to “personalize” your searches.
For consumers, such customization, to some extent, equals convenience. For a business, on the other hand, this quickly turns into Internet alteration and is a whole new ball game altogether!
Google sells your e-mail keywords to the highest bidder with your consent
If you happen to be using Google Gmail, you are allowing the advertising giant to eavesdrop on all your digital correspondence. Google knows how to milk it for all it’s worth: they will scan your email activities in search of marketable information, monetize it through their partnerships, and you will have to play nice. But why should you? Have you ever asked a colleague or a friend of yours to send you an e-mail to your Gmail account over and over again only to realize that it would never arrive?
If so, then you know that awkward feeling in your stomach: What if it had been the most important e-mail of your career or the business proposal of a lifetime? You would probably never even know about it.
The same goes for Googles business email services, Gmail for Work.
Why should you share mission-critical information about your company with anyone? Why would you want to let Google decide which e-mails arrive in your inbox and which do not? There is a significant downside to server-side spam fighting efforts by third-parties like Google, Amazon, Microsoft, and others: you never know for sure which e-mails are delivered and which will be dismissed.
The best advice in a nutshell: never outsource mission-critical information to your (direct or indirect) competitors. Google is in the business of making money off of you and your business is, in most likelihood, not big enough for them to care whether you survive their services or they survive you…
Lurking in the fine print of the ToS you never read…
If it’s too good to be true than it usually is. In case of email services, there is always a big catch lurking in the fine print you probably never bothered to read. In IT, where sometimes only the biggest (or only the paranoid) survive, there are really no free lunches. For once, no one cares about the security of your data the way you do.
Should critical information about your business leak because your work mail provider was hacked, rest assured that your cloud provider has the slimier and more reckless lawyers. The chance of your side winning any damages is close to zero.
When it comes to keeping your data safe, your team is more on target than that of any external provider, because ultimately, it is all about the right incentives. In your business, data security trumps short-term profitability. The same cannot be currently said of third-party mail services, Unified Communications or not. For example, as of this writing, none of the major providers of commercial email services that target businesses has bothered to apply CSPs (Content Security Policies) to their web mail front-end, which is a shame indeed.
If you want to tackle your e-mail needs the smart way, you can use Postfix & Dovecot, two open source applications for Linux/Unix-style servers. (If spam is an issue, you might like to read: How to Set Up Anti-Spam Filters Using Regular Expressions the Smart Way).
You can find more about cyber security on CloudInsidr:
Troubleshooting PHP 7 and NGINX when using TCP Sockets with SELinux on CentOS 7 (RHEL/Fedora)
High-Stakes, High-Security LEMP Setup: Nginx with MariaDB/MySQL, and PHP 7.x on CentOS 7 (RHEL/Fedora) with SELinux