UNIT-4

cloud security and web mail services

What is cloud security?

Cloud security refers to the cybersecurity policies, best practices, controls,
and technologies used to secure applications, data, and infrastructure in cloud
environments. In particular, cloud security works to provide storage and network
protection against internal and external threats, access management, data
governance and compliance, and disaster recovery. Cloud computing has become
the technology of choice for companies looking to gain the agility and flexibility
needed to accelerate innovation and meet the expectations of today’s modern
consumers. But migrating to more dynamic cloud environments requires new
approaches to security to ensure that data remains secure across online
infrastructure, applications, and platforms.

How to manage security in the cloud?

Cloud service providers have many methods to protect the [Link] is
the central part of cloud architecture. The firewall protects the network and the
perimeter of end-users. It also protects traffic between various apps stored in the
cloud. Access control protects data by allowing us to set access lists for various
assets. For example, you can allow the application of specific employees while
restricting others. It's a rule that employees can access the equipment that they
required. We can keep essential documents which are stolen from malicious
insiders or hackers to maintaining strict access control.
Data protection methods include Virtual Private Networks (VPN),
encryption, or masking. It allows remote employees to connect the network.
VPNaccommodates the tablets and smartphone for remote access. Data masking
maintains the data's integrity by keeping identifiable information private. A
medical company share data with data masking without violating the HIPAA laws.​
For example, ​ we are putting intelligence information at risk in order of
the importance of security. It helps to protect mission-critical assets from threats.
Disaster recovery is vital for security because it helps to recover lost or stolen data.

Benefits of Cloud Security System

 o​ Protecting the Business from Dangers
o​ Protect against internal threats
o​ Preventing data loss
o​ Top threats to the system include Malware, Ransomware, and
o​ Break the Malware and Ransomware attacks
o​ Malware poses a severe threat to the businesses.

Difference between Cloud Security and Traditional IT Security

Securing Data
Securing data is a critical aspect of cloud computing, involving various
strategies to protect sensitive information from unauthorized access, corruption, or
loss.
Security Planning
Before deploying a particular resource to cloud, one should need to analyze
several aspects of the resource such as:
●​ Select resource that needs to move to the cloud and analyze its sensitivity to
risk.
 ●​ Consider cloud service models such as IaaS, PaaS, and SaaS. These models
require customer to be responsible for security at different levels of service.
●​ Consider the cloud type to be used such as public, private, community or
hybrid.
●​ Understand the cloud service provider's system about data storage and its
transfer into and out of the cloud.
Understanding Security of Cloud
Security Boundaries
A particular service model defines the boundary between the responsibilities of
service provider and customer. Cloud Security Alliance (CSA) stack model defines
the boundaries between each service model and shows how different functional
units relate to each other. The following diagram shows the CSA stack model:

Understanding Data Security

Since all the data is transferred using Internet, data security is of major concern in
the cloud. Here are key mechanisms for protecting data.
●​ Access Control
●​ Auditing
 ●​ Authentication
●​ Authorization

Data Encryption

Data encryption is a fundamental component of securing data in cloud

computing. It ensures that data remains confidential and protected from
unauthorized access, both when it is stored (at rest) and when it is transmitted
across networks (in transit). Effective encryption strategies also involve robust
encryption key management practices.

Encryption at Rest

Encryption at rest protects data stored on physical storage media, such as

databases, file systems, or cloud storage services. This ensures that even if storage
devices are physically compromised, the data remains unreadable without the
proper decryption keys.

Key Concepts:

●​ Disk-Level Encryption: Encrypts the entire storage device or disk where

data is stored. This can be implemented using software or hardware
encryption mechanisms.
●​ File/Database-Level Encryption: Encrypts specific files, databases, or
records within a storage system. This allows for more granular control over
which data is protected.
●​ Storage Service Encryption: Cloud providers often offer built-in encryption
for their storage services, automatically encrypting data as it is written to
disk and decrypting it when accessed by authorized users.

Encryption in Transit

Encryption in transit ensures that data being transmitted over networks,

whether between users and cloud services or between different cloud services, is
protected from interception or eavesdropping.

Key Concepts:

●​ Transport Layer Security (TLS): A widely used protocol for encrypting data
in transit over the internet, ensuring secure communication between clients
and servers.
 ●​ Virtual Private Network (VPN): Encrypts all traffic between a user’s device
and the cloud environment, providing an additional layer of security for data
in transit.
●​ Secure Shell (SSH): A protocol for secure remote access to cloud resources,
encrypting data transferred during the session..

Encryption Key Management

Effective encryption key management is critical to the security of encrypted

data. It involves the generation, storage, rotation, and revocation of encryption
keys, ensuring that only authorized entities have access to these keys.

Key Concepts:

●​ Key Generation: Securely generating encryption keys using cryptographic

algorithms and ensuring they have sufficient entropy (randomness).
●​ Key Storage: Safely storing keys in hardware security modules (HSMs) or
key management services (KMS) provided by cloud providers. These
services offer secure key storage, lifecycle management, and access controls.
●​ Key Rotation: Regularly rotating encryption keys to reduce the risk of key
compromise. Implement automatic key rotation policies to enforce this.
●​ Key Revocation: The process of invalidating encryption keys that are no
longer in use or have been compromised. It is essential to have a mechanism
in place to update systems with new keys without disrupting service.

Access Control and Identity Management

Identity Management, Authentication, and Access Control

Identity management—also referred to as identity and access management

(IAM)—is the overarching discipline for verifying a user’s identity and their level
of access to a particular system. Within that scope, both authentication and access
control—which regulates each user’s level of access to a given system—play vital
roles in securing user data. We interact with authentication mechanisms every day.
When you enter a username and password, use a PIN, scan your fingerprint, or tap
your bank card, your identity is being verified for authentication purposes. Once
your identity is verified, access control is implemented to determine your level of
access. This is important for applications and services that have different levels of
authorization for different users. Access control, for instance, will allow software
administrators to add users or edit profiles while also barring lower-tier users from
accessing certain features and information.

Access Control and Identity Management are crucial components in securing

cloud environments. They ensure that only authorized users can access resources
and that the data they interact with remains intact and accurate. This section
focuses on three key aspects: authentication, data integrity, data integrity checks,
and data validation and sanitization.

Why IAM?

Companies need IAM to provide online security and to increase employee

[Link]. Traditional security often has one point of failure - the
password. If a user's password is breached - or worse yet, the email address for
their password recoveries - your organization becomes vulnerable to attack. IAM
services narrow the points of failure and backstops them with tools to catch
mistakes when they're made.

Productivity. Once you log on to your main IAM portal, your employee no
longer has to worry about having the right password or right access level to
perform their duties. Not only does every employee get access to the perfect suite
of tools for their job, their access can be managed as a group or role instead of
individually, reducing the workload on your IT professionals.

Components of Identity and Access Management (IAM)

●​ Users
●​ Roles
●​ Groups
●​ Policies

With these new applications being created over the cloud, mobile and
on-premise can hold sensitive and regulated information. It’s no longer acceptable
and feasible to just create an Identity server and provide access based on the
requests. In current times an organization should be able to track the flow of
information and provide least privileged access as and when required, obviously
with a large workforce and new applications being added every day it becomes
quite difficult to do the same. So organizations specifically concentrate on
managing identity and its access with the help of a few IAM tools. It’s quite
obvious that it is very difficult for a single tool to manage everything but there are
multiple IAM tools in the market that help the organizations with any of the few
services given below.

IAM Identities Classified As

●​ IAM Users
●​ IAM Groups
●​ IAM Roles
●​ Root user

The root user will automatically be created and granted unrestricted rights.
We can create an admin user with fewer powers to control the entire Amazon
account.

IAM Users

We can utilize IAM users to access the AWS Console and their
administrative permissions differ from those of the Root user and if we can keep
track of their login information.

Example

With the aid of IAM users, we can accomplish our goal of giving a specific
person access to every service available in the Amazon dashboard with only a
limited set of permissions, such as read-only access. Let’s say user-1 is a user that I
want to have read-only access to the EC2 instance and no additional permissions,
such as create, delete, or update. By creating an IAM user and attaching user-1 to
that IAM user, we may allow the user access to the EC2 instance with the required
permissions.

IAM Groups

A group is a collection of users, and a single person can be a member of

several groups. With the aid of groups, we can manage permissions for many users
quickly and efficiently.

Example

Consider two users named user-1 and user-2. If we want to grant user-1
specific permissions, such as the ability to delete, create, and update the
auto-calling group only, and if we want to grant user-2 all the necessary
permissions to maintain the auto-scaling group as well as the ability to maintain
EC2,S3 we can create groups and add this user to them. If a new user is added, we
can add that user to the required group with the necessary permissions.

IAM Roles

While policies cannot be directly given to any of the services accessible

through the Amazon dashboard, IAM roles are similar to IAM users in that they
may be assumed by anybody who requires them. By using roles, we can provide
AWS Services access rights to other AWS Services.

Example

Consider Amazon EKS. In order to maintain an autoscaling group, AWS eks

needs access to EC2 instances. Since we can’t attach policies directly to the eks in
this situation, we must build a role and then attach the necessary policies to that
specific role and attach that particular role to EKS.

IAM Policies

IAM Policies can manage access for AWS by attaching them to the IAM
Identities or resources IAM policies defines permissions of AWS identities and
AWS resources when a user or any resource makes a request to AWS will validate
these policies and confirms whether the request to be allowed or to be denied.
AWS policies are stored in the form of Jason format the number of policies to be
attached to particular IAM identities depends upon [Link] permissions required for
one IAM identity. IAM identity can have multiple policies attached to them.

Access management for AWS resources Identity management

●​ Access management
●​ Federation
●​ RBAC/EM
●​ Multi-Factor authentication
●​ Access governance
●​ Customer IAM
●​ API Security
●​ IDaaS – Identity as a service
●​ Granular permissions
●​ Privileged Identity management – PIM (PAM or PIM is the same)
1. Authentication and Data Integrity

Authentication:

Authentication is the process of verifying the identity of a user, device, or service

before granting access to resources. Effective authentication mechanisms ensure
that only authorized entities can access sensitive data and systems.

●​ Multi-Factor Authentication (MFA): Requires users to provide multiple

forms of verification (e.g., password, biometric, token) to enhance security.
●​ Single Sign-On (SSO): Allows users to authenticate once and gain access to
multiple systems or applications, reducing the need to manage multiple
credentials.
●​ Federated Identity Management: Enables users to use the same
authentication credentials across different domains or organizations, often
through standards like SAML or OAuth.

Data Integrity:

Data integrity ensures that information remains accurate, consistent, and unaltered
during storage or transmission. In cloud environments, maintaining data integrity is
essential for trust and reliability.

●​ Hashing: Hash functions generate a unique, fixed-size hash value from data.
Even a small change in the data will produce a different hash, making it
useful for verifying data integrity.
●​ Digital Signatures: Used to verify the authenticity and integrity of data. A
digital signature, created using a private key, can be verified using the
corresponding public key.

2. Data Integrity Checks

Data integrity checks are mechanisms used to detect and correct errors in data.
These checks ensure that the data received is the same as the data sent, preventing
corruption or unauthorized modifications.

Key Techniques:

●​ Checksums: A simple method where a numerical value is calculated from a

data set. When data is transmitted or stored, the checksum is recalculated
and compared to the original to verify integrity.
 ●​ Cyclic Redundancy Check (CRC): A more sophisticated checksum that
detects accidental changes in raw data. CRCs are commonly used in digital
networks and storage devices.
●​ Version Control: In systems where data is frequently updated, version
control systems track changes to data over time, allowing the restoration of
previous versions if integrity is compromised.

3. Data Validation and Sanitization

Data validation and sanitization are processes used to ensure that input data
is correct, secure, and free from harmful content before being processed or stored.
These steps are vital in preventing attacks such as SQL injection, cross-site
scripting (XSS), and other forms of data manipulation.

Data Validation:

Validation ensures that data conforms to the expected format, type, and range
before it is accepted for processing.

●​ Input Validation: Validates data entered by users to ensure it meets the

expected format, length, and type. For example, checking that a date is in the
correct format (YYYY-MM-DD) or that a string contains only alphabetic
characters.
●​ Output Encoding: Converts data into a secure format before it is rendered or
processed, ensuring that potentially harmful characters (e.g., <, >, &) are not
executed as code.

Data Sanitization:

Sanitization involves cleaning data to remove or neutralize potentially

malicious content, ensuring that only safe data is processed or stored.

●​ Escaping: Converts special characters in user input into a neutral form,

preventing them from being interpreted as executable code. For example,
converting < into < in HTML to prevent XSS attacks.
●​ Whitelist Validation: Only allows data that matches a predefined set of
acceptable values or patterns. This is more secure than blacklist validation,
which blocks known bad inputs but may miss new or unknown threats.
●​ SQL Injection Prevention: Use prepared statements or parameterized queries
to ensure that user input is treated as data, not as executable code.
Establishing Identity and Presence

Identity

Identity refers to set of attributes associated with something to make it

recognizable. All objects may have same attributes, but their identities cannot be
the same. A unique identity is assigned through unique identification attribute.
There are several identity services that are deployed to validate services such as
validating web sites, transactions, transaction participants, client, etc.
Identity-as-a-Service may include the following:

●​ Directory services
●​ Federated services
●​ Registration
●​ Authentication services
●​ Risk and event monitoring
●​ Single sign-on services
●​ Identity and profile management
Single Sign-On (SSO)
To solve the problem of using different username and password
combinations for different servers, companies now employ Single Sign-On
software, which allows the user to login only one time and manage the access to
other systems. SSO has single authentication server, managing multiple accesses to
other systems, as shown in the following diagram:

SSO Working

There are several implementations of SSO. Here, we discuss the common ones:
Following steps explain the working of Single Sign-On software:

●​User logs into the authentication server using a username and password.
●​The authentication server returns the user's ticket.
●​User sends the ticket to intranet server.
●​Intranet server sends the ticket to the authentication server.
●​Authentication server sends the user's security credentials for that server
back to the intranet server.
Productivity software?

Productivity software is computer programs that help people create things

like writing files, data collections, pictures with information, tables with numbers,
and slide shows. These programs make it easier for people to do their work tasks.
Occasionally, productivity software also contains programs that allow people to
work organized and talk to each other. Generally, productivity software helps
people complete their work more easily.

Overview of Productivity Software

Productivity software is designed to help users create, edit, and manage

various types of digital content efficiently. Among the most commonly used types
of productivity software are word processing, spreadsheet, and presentation
software. These tools are essential in both personal and professional settings,
enabling users to perform a wide range of tasks, from writing documents and
analyzing data to creating engaging presentations.
 What is productivity software?

Productivity software simply means any application or program that enables

one to produce or create, among others, graphs, databases, documents,
presentations, audio or video clips, and worksheets. We commonly use productivity
software in businesses and offices. Common types of productivity software include
database management systems (DBMS), word processors, spreadsheet
applications, and graphics software. In essence, productivity software assists
people to perform assigned tasks in addition to enhancing communication and
collaboration.

Initially, productivity software was for business use. Nowadays, various

types are even used to achieve personal productivity as well. Most of the
productivity software tools are now available on tablets and smartphones, besides
just computers.

What to look for in productivity software

1. Reliability

It is enticing to purchase productivity software at a significantly lower price.

But, always remember you will use it to store and share critical business or
company data. Do not compromise the safety and security of your business data by
picking unreliable productivity software, just because it is inexpensive.

2. Time monitoring capability

Time is a very precious asset, especially in business. For instance, you

cannot afford to see your employees misuse their precious time, especially when
you pay them hourly. With business productivity software that has a time tracking
ability, you can better organize your team and time. This will not only save you
money, but also time and productivity.

3. Employee tracking features

By properly monitoring your employees, you may increase their productivity

around tasks. For instance, this may be easy if your employees work from their
offices compared to when they work remotely at home. Therefore, when
purchasing a business productivity tool, ensure it can effectively supervise your
employees, whether they are working from home or at your company's physical
office.

4. Multi-platform software compatibility

Your employees have different habits and preferences. When you are
selecting your business productivity software, put this under consideration. For
instance, your employees may prefer different devices or use distinct operating
systems. Your productivity software should be compatible with a pool of operating
systems.

5. Project management features

When choosing your business productivity software, pick the one that allows
you to organize, delegate and supervise your projects. Pick a productivity tool that
also updates you on project progress. Business productivity software that gives you
complete control over your projects.

6. Accessibility

When choosing your business productivity tool, prioritize the one with a
mobile version. Select business productivity software which you can access via the
web besides the iOS and Android devices. By this, you can easily access your
business data from anywhere, at any time.

7. Profitability

When planning to purchase productivity software, invest your time on doing

a cost-benefit analysis to determine if it is the right solution. You should especially
consider the benefits it brings against its cost of acquisition and maintenance.
Analyze and figure out if investing in your preferred productivity tool provides
more value that can cover the correlated expenses. Having a budget is necessary to
keep you in check to avoid investing your money, time, and energy over wrong
products. Consider productivity software with the highest return.
1. Word Processing

Overview: Word processing software is used to create, edit, format, and print
text-based documents. It allows users to produce a wide variety of documents,
including letters, reports, memos, and essays, with the ability to incorporate
graphics, tables, and other multimedia elements.

Key Features:

●​ Text Formatting: Allows for the customization of font style, size, color, and
alignment. Users can also apply styles like bold, italics, and underline.
●​ Page Layout: Users can adjust margins, line spacing, and orientation, and
insert headers, footers, and page numbers.
●​ Spell Check and Grammar Tools: Built-in tools to automatically check
spelling, grammar, and punctuation, often offering suggestions for
corrections.
●​ Templates: Pre-designed document layouts for various purposes, such as
resumes, business letters, or newsletters.
●​ Collaboration: Features like track changes, comments, and real-time
co-authoring allow multiple users to work on a document simultaneously.

Popular Word Processing Software:

●​ Microsoft Word: Part of the Microsoft Office suite, Word is one of the most
widely used word processors, known for its extensive feature set and
compatibility with various file formats.
●​ Google Docs: A cloud-based word processor that offers real-time
collaboration and integration with other Google Workspace tools.
●​ Apple Pages: A word processor for macOS and iOS, known for its
user-friendly interface and compatibility with Apple’s ecosystem.

2. Spreadsheets

Overview: Spreadsheet software is used to organize, analyze, and store data in

tabular form. It allows users to perform calculations, create charts and graphs, and
analyze large datasets. Spreadsheets are particularly useful for financial planning,
data analysis, and project management.

Key Features:
 ●​ Data Entry and Organization: Users can enter and organize data in rows and
columns, creating a grid-like structure for easy reference.
●​ Formulas and Functions: Spreadsheets offer a wide range of built-in
formulas and functions to perform calculations, such as SUM, AVERAGE,
IF, and VLOOKUP.
●​ Data Visualization: Tools for creating charts and graphs to visually represent
data trends and comparisons.
●​ Pivot Tables: Advanced data summarization tools that allow users to
aggregate, filter, and analyze data in various ways.
●​ Conditional Formatting: Allows users to apply specific formatting to cells
based on the data they contain, making it easier to highlight important
information.

Popular Spreadsheet Software:

●​ Microsoft Excel: Part of the Microsoft Office suite, Excel is a powerful and
widely used spreadsheet application with extensive features for data
analysis, financial modeling, and reporting.
●​ Google Sheets: A cloud-based spreadsheet tool that allows for real-time
collaboration and integration with other Google Workspace tools.
●​ Apple Numbers: A spreadsheet application for macOS and iOS, known for
its intuitive design and ease of use within the Apple ecosystem.

3. Presentation Software

Overview: Presentation software is used to create slide-based presentations that can

include text, images, charts, videos, and animations. These tools are essential for
delivering information in a visual and engaging manner, often used in business
meetings, educational settings, and public speaking events.

Key Features:

●​ Slide Design and Layout: Users can choose from various slide layouts and
design themes to create a consistent and visually appealing presentation.
●​ Multimedia Integration: The ability to insert images, videos, audio clips, and
charts to enhance the presentation.
●​ Transitions and Animations: Tools to add visual effects between slides or to
animate elements within a slide, helping to maintain audience engagement.
●​ Speaker Notes: A feature that allows presenters to add notes to each slide,
which are visible only to the presenter during the presentation.
 ●​ Collaboration: Like other productivity software, presentation tools often
include features for real-time collaboration and sharing.

Popular Presentation Software:

●​ Microsoft PowerPoint: Part of the Microsoft Office suite, PowerPoint is one

of the most popular presentation tools, known for its extensive features and
versatility.
●​ Google Slides: A cloud-based presentation tool that allows for real-time
collaboration and integration with other Google Workspace tools.
●​ Apple Keynote: A presentation software for macOS and iOS, known for its
sleek design and powerful animation capabilities.

What is Webmail?

Webmail is a cloud-based service or Web-based email system that allows

you to access and use your email from almost anywhere through an internet
connection. Unlike Thunderbird or Microsoft Outlook, it does not need software
installation. It is a kind of service, which is provided by certain companies and
ISPs (Internet service providers). Especially, these kinds of server-based email
systems are more popular for younger users.

Overview of Cloud Mail Services

Cloud mail services have become essential tools for both personal and
professional communication. These services allow users to send, receive, and
manage emails through the cloud, offering accessibility, scalability, and various
features that enhance productivity. Here’s an overview of cloud mail services,
including an introduction, comparison of major providers, and details on email
account setup and management.

What is Cloud Email?

Cloud email is an internet-based multi-tenant service that is easily scalable.

Different from an on-premises email solution, cloud email is offered by vendors
and essentially serves as a backup for your files - so in the event one of your
systems goes down, you can easily retrieve your information from the cloud
[Link] email is great for organizations of all sizes because it's scalable -
meaning you can easily add or remove users from your system in just a few clicks.
In addition, it is also consistently updated with the latest security features,
diminishing the need to hire dedicated in-house IT professionals to monitor the
email network.

1. Introduction to Cloud Mail Services

What Are Cloud Mail Services? Cloud mail services are email platforms that
are hosted on cloud servers rather than on-premises servers. These services allow
users to access their email from any device with an internet connection.
Cloud-based email solutions offer numerous benefits, including increased storage
capacity, automatic updates, and enhanced security features.

Key Features:

●​ Accessibility: Access emails from anywhere using any device with an

internet connection.
●​ Scalability: Easily scale the number of users and storage capacity as needed
without the need for additional hardware.
●​ Security: Cloud mail services typically offer advanced security features,
such as encryption, spam filtering, and multi-factor authentication (MFA).
●​ Integration: Seamless integration with other cloud-based applications and
services, such as calendars, contacts, and collaboration tools.
●​ Reliability: High uptime guarantees and redundancy, ensuring that email
services are always available.

Here’s a comparison of some of the most popular cloud mail service providers:
Gmail (Google Workspace):

●​ Strengths: Excellent integration with Google services, user-friendly

interface, robust search functionality.
●​ Ideal For: Users heavily invested in the Google ecosystem, businesses that
require strong collaboration tools.

Outlook (Microsoft 365):

●​ Strengths: Powerful email and calendar management, deep integration with

Microsoft Office apps, extensive customization.
●​ Ideal For: Businesses and professionals who use Microsoft Office, those
requiring advanced email management features.
iCloud Mail (Apple):

●​ Strengths: Seamless integration with Apple devices, simple and clean

interface.
●​ Ideal For: Apple users looking for a reliable email service that integrates
with their devices.

Yahoo Mail:

●​ Strengths: Generous storage, simple interface, strong spam filtering.

●​ Ideal For: Users needing a basic email service with ample storage, those who
still use Yahoo services.

Advantages of Webmail

●​ Accessibility from Anywhere: Webmail allows us to access email account

from anywhere and from any device which is connected to internet and have
a web browser.
●​ No Installation Required: Unlike desktop email clients that are required to be
installed on each device there is no such requirements of installation in case
of webmail services .This also eliminates the need for software updates and
compatibility issues.
●​ Integration with Cloud Services: There are any webmail services that are
integrated with cloud storage some examples are Gmail linked to Google
drive and [Link] linked to One drive. This features is useful in sharing
of files and attachments as well as document collaboration .
●​ Cross-Platform Compatibility: Web mail is platform independent which
means that it works independently of operating system and devices so it can
work on various operating systems, including Windows, macOS, Linux, and
mobile platforms like Android and iOS. This versatility makes it very good
choice for us who switch between devices and operating systems.
●​ Enhanced Features: Many webmail platforms offer features like video
conferencing (in case of Gmail you might have heard about Google Meet),
document collaboration, and calendar integration which cab be used as
reminder. This makes webmail more useful and advantageous and also
security with features like two-factor authentication and spam filtering,
guarding our data from unauthorized access makes it more assuring to use.

Disadvantages of Webmail
●​ Reliance on Internet Connection: As webmail requires an active internet
connection to access emails without which it can be considered useless.
Areas with poor internet or network connectivity or during outages can be
victim of this type of disadvantage.
●​ Vulnerability to Security Threats: While platforms have security measures,
phishing scams and malware attacks can still target webmail users as
phishing emails can trick us into revealing sensitive information which is not
good as our whole information can be leaked and our email can be used in
wrong way.
●​ Privacy Concerns: As webmail service providers collects our(user) data for
ads and analytic purpose. This can concern privacy issue as our emails and
activity are being analyzed and probably shared with third party.
●​ Spam and Clutter: Although spam filters feature is present in webmail, spam
emails can still find their way to inboxes leading to adding of clutter and
wasting time. Managing and sorting the unwanted emails can be frustrating
and inefficient thus can be counted as one of the disadvantages.
●​ Reliance on Service Provider: As we are dependent on webmail service
provider for the availability and performance of the service . If the provider
experiences some technical issue or is not able to provide service for
sometime it can lead to many problems as not accessing our mails during
required time, data loss, etc.