Amazon Web Services has again made headlines today by announcing Amazon WorkMail – their managed email and calendaring service targeted at corporate customers. This is obviously a direct take on their biggest competitors, namely, Google and Microsoft, and the biggest differentiators Amazon is focusing on are ease of use and security.
Amazon WorkMail is described as a completely managed replacement for an organization’s own legacy email infrastructure. Since the service is compatible with Microsoft Exchange and is capable of integrating with an existing on-premise Active Directory, the process of migration should be quick and seamless. Since AWS will take over most administrative processes, such as patching or backups, this can dramatically decrease administration efforts and costs.
Although WorkMail has its own web interface, AWS is more focused on supporting existing mail and calendaring tools. Any ActiveSync-capable program, including Microsoft Outlook for Windows and OS X, as well as native iOS and Android email clients, can be supported without installing any plug-ins. Migration from an on-premise Exchange server can be completely transparent and does not require any changes on end user devices. A migration wizard is provided as a part of the package.
With the new service, AWS is also placing big emphasis on security. Since email has long been an integral part of our daily business processes, a lot of sensitive corporate information passes through it and ends up getting stored on the mail server. By integrating with AWS Key Management Service, WorkMail will automatically encrypt all email data at rest, while giving customers complete control over the encryption keys. It is also possible to restrict where this information is stored to a specific geographical region to ensure compliance with local privacy regulations.
Last year, AWS announced their Zocalo service for secure storage and sharing of enterprise data, a direct competitor to other cloud storage services like Dropbox or Google Drive. Needless to say, WorkMail is tightly integrated with Zocalo, allowing the secure exchange of documents instead of sending them as unprotected attachments. In fact, AWS offers a bundle of WorkMail with Zocalo for an attractive price.
There is one potential misunderstanding, however, which I feel obligated to mention. Even with all security features integrated into WorkMail, it still cannot be considered a true end-to-end encryption solution and is thus potentially vulnerable to various security problems. This is another example of a tradeoff between security and convenience, and Amazon simply had to make it to ensure compatibility with existing email programs and protocols.
Still, with an impressive integrated offering and traditionally aggressive pricing model, Amazon WorkMail is definitely another step in AWS’s steady push towards global market leadership.