The incredible success – and utter failure – of email

Security is always a balance – between convenience and openness – versus risk. But that openness could also be email’s downfall. How to make sure email remains a strong and trusted mode of communication for your brand.

Man pointing to security icon for email
Thinkstock

Security is always a balance between convenience and openness versus risk. In that respect, email is no exception. The benefit of email is that no one owns it and that anyone can set up an email service with little effort. The ubiquity of it, the heterogeneous environment that email fosters, is unparalleled.

There is a wonderful quality to email that’s easy to overlook in today’s overheated market for mobile, social, AI-powered, virtual reality, big-data apps. Email just works, and it works everywhere. Someone in Uzbekistan is able to send an email to someone in Canada without having to ask anyone permission, go through any gatekeepers, or pay any tolls or fees apart from whatever they need to get Internet access in the first place. Who knows? It could be an amazing message, potentially life-changing for the recipient.

But that openness is also email’s downfall because that email from Uzbekistan could easily be a phish, a fraudulent message designed to trick the recipient into downloading a malicious file, giving up the password to a critical account, or sending back personal information. There’s very little in email’s basic technology set to prevent senders from pretending to be whoever they want to be.

So, as with any technology, email can be used for good or it can be used for bad. The more open something is the more useful it is, but the more vulnerable it is too – and email is very, very open. What’s more, because no one owns email, no one has the authority to change the way it works.

Why walled gardens haven’t replaced email

Many companies have tried to address the deficiencies of email by creating safer, more controlled communications environments. Facebook, Twitter, WhatsApp, Slack; all of these are more centralized “walled gardens” where a single company is the gatekeeper and can help ensure the good behavior of people using their platforms.

But even with the rise of these platforms, email remains incredibly relevant. Imagine, in 2010, Facebook CEO Mark Zuckerberg suggested that Facebook Messenger would be the “end of email.” Today Facebook is the number one sender of emails, churning out 1.8 billion emails a day. Why? Because, like every other company in the world, Facebook needs a way to notify its users of important developments at times when they are not directly engaged with it. In fact, all of these alternative communications platforms generate an enormous amount of email through their notification systems.

What’s more, these alternative platforms only work if you and everyone you want to talk to is using the same platform. Slack, for instance, is a great internal communication tool, but Slack cannot predict when you may want to communicate with someone completely random in Uzbekistan. Or when a potential customer in Uzbekistan may want to communicate with you. Email can accommodate that, because it is the only truly neutral meeting ground.

Email continues to grow – especially for business

Statistics collected by the Radicati Group show that overall email usage continues to grow, year after year, and its growth is even exceeding prior estimates. But many people will tell you that “email is dead” or that they never use email. What accounts for this seeming discrepancy is that consumer-to-consumer communication via email is decreasing: People use email far less if they just want to talk to their family or friends, preferring to send texts, use Facebook Messenger, Snapchat, or some other chat platform.

But for business-to-business communications and business-to-consumer communications, email continues to grow. It remains the most ubiquitous, effective, flexible, and cost-effective way for businesses to communicate with one another, for them to deliver updates and marketing messages to potential customers who have expressed interest, and for them to communicate with existing customers.

Email has a bad reputation among individuals for a variety of reasons, which fall into two big buckets. First, there’s spam, defined as “email I don’t want.” Second, there’s phish, defined as “email pretending to be from someone I know.” Both of these have diluted the relevance and trustworthiness of email for many consumers.

The trick is to inject trust back into email.

How to make email trustworthy again

Fortunately, there is another massive trend building, and that is the trend of adding authentication to email. This is a widespread, global movement, supported by many large senders and receivers of email, including Google, Microsoft, AOL, and Yahoo. It’s just what email needs.

If you hate email because you don't trust it, authentication solves that problem. With authentication, recipients can be confident that the sender was authorized to use the domain name that appears in the From field. It completely eliminates the ability for phishers to use a company’s exact domain when trying to defraud people, forcing them to use other techniques.

Authentication can also assist with spam. If someone sends you an offer for a muscle-building supplement, the chances are good that you probably don’t want that message. But suppose the message comes from a Canadian pharmacy you did business with last month, when you were ordering decongestant. If you can be certain that it really was the pharmacy that sent it, you can track down the sender and ask them to stop sending you these messages. (Unless you really do want more supplements!)

Legitimate companies have already implemented “safe unsubscribe” and other means for people to quickly and easily remove themselves from mailing lists. If these companies also embrace authentication, it will be easier than ever for recipients to take action against companies that don’t comply or that don’t act like good email citizens.

As support for email authentication builds, email itself will become more and more trustworthy. With trust will come an explosion of innovations held back by the fear that criminals will abuse them. Take for example a bank email that can automatically look up your account information and report back your balance. If you could trust email from your bank, wouldn’t that be a useful service?

A world in which humans can trust the #1 communication platform is one in which we can accelerate our ability to share ideas, conduct business, get critical notifications – and appreciate how open, reliable, and trustworthy all those activities have become.

This article is published as part of the IDG Contributor Network. Want to Join?

NEW! Download the Winter 2018 issue of Security Smart