Why Your Email Data Should Stay on Your AWS Account

You chose AWS for a reason

If you're running WorkMail, you made a deliberate choice: you wanted your email on your own infrastructure. You chose compliance over convenience. Control over simplicity. That instinct was right — and it shouldn't change just because WorkMail is shutting down.

What happens when email leaves your AWS account

When you migrate to Google Workspace or Microsoft 365, your email data moves to their infrastructure. Here's what that actually means:

• You lose visibility. Where exactly is your data stored? Which region? Which data center? You don't know, and you can't control it.
• You lose encryption control. Google and Microsoft encrypt your data, but with their keys. You can pay extra for customer-managed keys, but it's an add-on, not the default.
• You lose the kill switch. With WorkMail (or inbox.camp), you can revoke the IAM role and instantly cut off all access. With a third-party provider, offboarding means hoping they actually delete your data.
• You add a vendor dependency. Your email now depends on another company's infrastructure, pricing decisions, and terms of service.

The compliance angle

For many teams, email data residency isn't optional — it's a requirement. Healthcare organizations dealing with HIPAA, financial services under SOC 2, government contractors with FedRAMP — all of these have specific requirements about where data lives and who can access it.

When email is on your AWS account:

• You control the region (us-east-1, eu-west-1, whatever your compliance requires)
• You control encryption (your KMS keys, your policies)
• You control access (IAM roles and policies you define)
• You control retention (your S3 lifecycle rules)
• You control audit logging (CloudTrail captures everything)

None of this is possible when your email lives in someone else's cloud.

The cost angle

Here's something people don't talk about enough: email storage on S3 is incredibly cheap. Around $0.02 per GB per month. A typical business user generates maybe 2-5 GB of email per year. That's pennies.

Compare that to Google Workspace's 30 GB pooled storage, where going over means upgrading to a more expensive tier. Or Microsoft 365, where archived mailboxes have separate (and confusing) storage limits.

With your email on S3, storage is effectively unlimited and costs almost nothing. You're paying for the infrastructure you already own.

How inbox.camp keeps your data on your AWS

We designed inbox.camp from scratch around this principle. Here's how it works:

• SES handles sending and receiving on your domain
• S3 stores every email — your bucket, your account, your data
• Route 53 manages DNS records — MX, SPF, DKIM, DMARC
• KMS encrypts everything with your keys (optional but recommended)

inbox.camp is the orchestration and interface layer. We provide the web UI, IMAP/SMTP access, user management, and auto-configuration. But your data never touches our servers. Delete the IAM role and we lose all access — instantly.

The bottom line

WorkMail shutting down doesn't mean you have to give up control. You chose AWS infrastructure for a reason. Keep your email where it belongs.

Join the inbox.camp waitlist and keep your email on your AWS.