Second are email encryption gateways. These were the first kinds of encryption products, and can still be found on the market. They require special plug-ins or an on-premises server to be setup inside your firewall to connect to your main email server. Datamotion SecureMail and HP's Voltage SecureMail fit into this category.
Gateways offer tremendous control over how emails are processed, whether any message residue can be found on local storage devices, and how you can go about recovering passwords. While this is appealing, with all this control comes the higher pain point of getting them setup properly. That's why gateways have somewhat fallen out of favor, especially now that there are so many other choices.
Gateways are still useful for businesses that either are reluctant to use the cloud or who have particular compliance reasons for encrypting their message traffic, such as a brokerage house or a medial practice.
Finally, there are client-only products that supplement existing desktop email software, such as Outlook or Apple Mail. These are typically add-on tools that encrypt messages using your existing email infrastructure. Tutanota, Virtru and AppRiver fit into this category. This is popular for businesses which have a variety of email clients in use and don't want to deploy a universal encryption service immediately, or who can't easily swap out pieces of their email infrastructure.
There are numerous other encryption services that we didn't test, for two reasons. First, many of them are like ProtonMail that only offer encryption to single mailboxes and aren't suitable for an enterprise-wide deployment. A good article listing many of these services can be found here. Second, several of the long-time encryption vendors didn't want to participate, including gateway vendors Symantec (the current keeper of the PGP flame) and Zix Corp.
Winners and losers
Because of the variety of email situations and product types, we couldn't declare an overall Clear Choice winner. However, each of these products can be very useful for specific situations. Despite having some innovative features, we would hold off on recommending Tutanota until the product matures.
If you make use of an Internet standard IMAP/SMTP server for your email, then Hushmail or Virtru are the best ways to go. Hush uses a combination of various industry standard encryption technologies to move mail from your desktop through the Internet. Virtru has its own ecosystem and collection of add-ons to Outlook, browsers and Gmail that can protect your messages.
If you use Exchange or Notes, then Datamotion is the better solution, using its gateway. While it is the most expensive of the seven products we tested, it offers a lot of flexibility in configuration. Voltage is also a good gateway-based alternative if you need the plethora of controls to handle your mail flow, and it runs on both Linux and Windows servers.
Sign up for CIO Asia eNewsletters.