Amazon Web Services – WorkMail: Everything You Need to Know
Last updated on 13th Jun 2020, Blog, General
(5.0) | 18793 Ratings
1940
Amazon WorkMail was formerly known as Zocalo. It is a managed email and calendaring service that runs in Cloud. It provides security controls and is designed to work with your existing PC and Mac-based Outlook clients including the prepackaged Click-to-Run versions. It also works with mobile clients that speak the Exchange ActiveSync protocol.
Its migration tool allows to move mailboxes from on-premises email servers to the service, and works with any device that supports the Microsoft Exchange ActiveSync protocol, such as Apple’s iPad and iPhone, Google Android, and Windows Phone.
How to Use Amazon WorkMail?
Step 1 − Sign in to AWS account and open the Amazon WorkMail console using the following link − https://console.aws.amazon.com/workmail/
Step 2 − Click the Get Started button.
Step 3 − Select the desired option and choose the Region from the top right side of the navigation bar.
Step 4 − Fill the required details and proceed to the next step to configure an account. Follow the instructions. Finally, the mailbox will look like as shown in the following screenshot.
Features of Amazon WorkMail
- Secure − Amazon WorkMail automatically encrypts entire data with the encryption keys using the AWS Key Management Service.
- Managed − Amazon WorkMail offers complete control over email and there is no need to worry about installing software, maintaining and managing hardware. Amazon WorkMail automatically handles all these needs.
- Accessibility − Amazon WorkMail supports Microsoft Outlook on both Windows and Mac OS X. Hence, users can use the existing email client without any additional requirements.
- Availability − Users can synchronize emails, contacts and calendars with iOS, Android, Windows Phone, etc. using the Microsoft Exchange ActiveSync protocol anywhere.
- Cost-efficient − Amazon WorkMail charges 4$ per user per month up to 50GB of storage.
Amazon WorkMail (which begins at $4 per user per month or 50 gigabytes of storage per user) is relatively new in the hosted email space. It lacks complexity; you won’t find contracts, minimum user counts, or costs from the outset. You pay as you go along, just like you do with other Amazon Web Services (AWS) products. The core functionality, with features such as an email web client, contact list, and calendar, is in line with Microsoft Exchange. Still, Amazon WorkMail is missing built-in collaboration tools as well as some administrator capabilities. These issues, along with Amazon’s decision to rely on Adobe Flash, push Amazon WorkMail behind Microsoft Office 365 Business Premium, the Editors’ Choice winner in our hosted email provider review roundup.
Getting Started
Getting started with Amazon WorkMail is simple if you already have an AWS account. If you don’t, then feel free to evaluate it by using the 30-day free trial available from the AWS website. After navigating to the Amazon WorkMail panel, you just add a new Amazon WorkMail domain, add a user, and then you’re good to go. Amazon will generate an awsapps.com subdomain for you to start, although you are strongly encouraged to use your own domain.
- Adding a domain was easy from an admin’s perspective, even easier than with Microsoft Office 365 Business Premium. After entering my domain name, AWS requested that I add a text (TXT) record to my domain record to prove that I was the owner.
- There were also a variety of Canonical NAME (CNAME) records that needed to be added in addition to the Mail eXchange (MX) record. All in all, I found the process to be uncomplicated. Once everything is set up, you can navigate to your newly generated mail URL and log in.
Using Amazon WorkMail
Using Amazon WorkMail for email is about as straightforward as it gets. You can send and receive it but you won’t find many frills in it. The layout is reminiscent of Microsoft Outlook, so I had no trouble figuring out how to search, read, compose, and send email. However, its feature set and capabilities are just barely standard. You won’t find anything innovative or ground-breaking here as you will when using other tools such as Zoho Mail. One unique feature that I did notice in Amazon WorkMail was the ability to manage available resources for meetings. It could be something as simple as a meeting room or a projector. While this could be useful in certain circumstances, it doesn’t seem to be a feature that would be heavily utilized by smaller businesses.
- On a positive note, a nice side effect of being Microsoft Exchange-compatible is that calendars are also able to sync with Microsoft Outlook. For those already using the Microsoft Office suite on the user side, they might be able to overlook the lack of features in the web interface since they can connect Amazon WorkMail to the far more feature-rich Microsoft Outlook client. Frankly, if email is a big part of your users’ day, then this is probably their best option.
- Collaboration tools are nowhere to be found as part of the standard email client. For those, you’ll need to look outside of the basic service to a separate AWS offering called Amazon WorkDocs. It’s mostly an office suite but it also allows real-time collaboration with other users on the same document. The caveat is that this requires an Adobe Flash plug-in. Given that the rest of the web is moving away from Adobe Flash, this was a bit of a letdown. It also guarantees the presence of at least one heavily targeted security issue running on every system that needs to use it. And, in addition to Adobe Flash, Amazon also requires an additional custom browser plug-in to make everything work. That’s a lot of configuration considering the level of functionality you’re getting out of the box.
- Aside from Amazon WorkDocs, Amazon has also moved its meeting collaboration features to yet another app called Amazon Chime, which acts much the same as Microsoft Skype for Business Online. Chat, video conferencing, phone calls, and screen sharing are all available. The one caveat, however, is that both this and the collaboration tools are separate products and incur additional charges. By the time you add everything up, you’ve far exceeded what you would have paid for any of the other big names in this roundup, including Google G Suite Business, Microsoft Office 365 Business Premium, and Zoho Mail.
Privacy and Security
Amazon hasn’t published a great deal of detail on their spam and anti-phishing capabilities, but there is a clearly labeled Junk Email folder in the email client. There is also built-in virus scanning, though this is really a minimum requirement for today’s business-grade services. But I was almost immediately stymied when I tried to find even slightly more advanced functionality. For example, I found no standard way to configure whitelists and blacklists for domains. The only thing that seems to get blocked are emails identified as carrying viruses. This is, frankly, substandard for the industry and sets Amazon way behind most of the competition from a security perspective, especially big players such as Google G Suite Business and Microsoft Office 365 Business Premium.
- There are email rules, however, which can be configured to emulate some of this behavior. That task largely falls on the admin, and getting to a point where users are adequately protected from spam will not be a short journey. One major thing that Amazon WorkMail has going for it is that it’s running on the already well-tested and secure backbone of AWS.
- This factor alone means it inherits the International Organization for Standardization (ISO) 27001, ISO 27017, and ISO 27108 certifications. Their SOC 3 report is also available for viewing online. Sadly, while Amazon WorkDocs is Health Insurance Portability & Accountability Act (HIPAA) eligible, Amazon WorkMail currently is not. While this could change in the future, those operating in the healthcare vertical will need to steer clear until this is rectified.
- Amazon generally respects user privacy except in the case of obvious illegal activity. Consumer content is not disclosed unless compelled by law enforcement. That being said, Amazon’s agreement details don’t say to what degree the company monitors this information, but they do claim that they won’t access your users’ information without their consent.
Integration Capabilities
There isn’t much to speak of in the way of integration with a large number of third-party apps as Amazon seems to have made it a point to focus Amazon WorkMail on interoperability with Microsoft Exchange. That means you’ll have the ability to fully federate your Microsoft Active Directory (AD) domain with Amazon WorkMail should you be using Microsoft’s directory service in your organization. For organizations dependent on Microsoft AD but not ready to jump onboard with Microsoft Office 365, this opens up a second path.
- Overall, Amazon WorkMail doesn’t overwhelm with features, though it is cheap, stable, and somewhat secure, as long as you can live with its basic feature set. However, for a few dollars more, one could easily find a more feature-rich platform in Google G Suite Business, Microsoft Office 365 Business Premium, or Zoho Mail. If you attempt to mirror the features that those products offer out of the box in Amazon WorkMail, then you’ll end up spending significantly more for additional Amazon apps.
- For this reason, it’s hard to recommend this as a serious option with such a plethora of better-equipped email hosting services available. However, a company as big as Amazon has the stamina to keep this product alive in the long term and improve it over time. So, if you’re already an Amazon customer, then keep checking back to see how Amazon WorkMail evolves.
Getting started with Amazon WorkMail
Whether you are a new Amazon WorkMail user or an existing user of Amazon WorkDocs or Amazon WorkSpaces, get started with Amazon WorkMail by completing the following steps.
Enroll in AWS Certification Courses to Get Noticed By Top Hiring Companies
Weekday / Weekend BatchesSee Batch Details- Step 1: Sign in to the Amazon WorkMail console
- Step 2: Set up your Amazon WorkMail site
- Step 3: Set up Amazon WorkMail user access
- More resources
Step 1: Sign in to the Amazon WorkMail console
You must sign in to the Amazon WorkMail console before you can add users and manage accounts and mailboxes.
To sign in to the Amazon WorkMail console
- Sign in to the AWS Management Console and open the Amazon WorkMail console at https://console.aws.amazon.com/workmail/.
- If necessary, go to the navigation bar and select the AWS Region that meets your needs. For more information, see Regions and endpoints in the Amazon Web Services General Reference.
Step 2: Set up your Amazon WorkMail site
- After you sign in to the Amazon WorkMail console, set up your organization.
- Choose from the following organization setup options:
- Quick setup: Creating a new directory – Sets up a new directory for you
- Standard setup: Integrating with an existing directory – Integrates with your existing directory
- Next, add a domain. We recommend registering a dedicated domain for your Amazon WorkMail organization. For more information about adding a domain, see Adding a domain.
Note:
You can start using your Amazon WorkMail organization with the provided test domain created during setup. The test domain format is example.awsapps.com. You can use the test mail domain as long as you maintain enabled users in your Amazon WorkMail organization. However, the test domain cannot be used outside of Amazon WorkMail. Also, the test domain might become available for registration and use by other customers if your Amazon WorkMail organization does not maintain at least one enabled user.
- Create new users or enable your existing directory users for Amazon WorkMail. For more information, see Creating new users.
- (Optional) If you have existing Microsoft Exchange mailboxes, migrate them to Amazon WorkMail. For more information, see Migrating to Amazon WorkMail.
After you’ve finished setting up your Amazon WorkMail site, you can access Amazon WorkMail using the web application URL.
To locate your Amazon WorkMail web application URL
- Open the Amazon WorkMail console at https://console.aws.amazon.com/workmail/.
- In the navigation panel, choose Organization settings.
The web application URL is on the General settings tab and looks like this: https://alias.awsapps.com/mail.
Step 3: Set up Amazon WorkMail user access
Choose from the following options to set up Amazon WorkMail user access.
- Set up user access from an existing desktop client using the Microsoft Outlook client. For more information, see Connect Microsoft Outlook to your Amazon WorkMail account.
- Set up user access from a mobile device, such as a Kindle, Android, iPad, iPhone, or Windows Phone. For more information, see Getting started with a mobile device.
- Set up user access with any IMAP-compatible client software. For more information, see Connect IMAP clients to Your Amazon WorkMail account.