You can not control the external security of your client’s devices, for instance if one of your clients do not have a password on their computer and their email password is saved in their email client. This means anybody who can turn the clients computer on can read their email.
As you can see from the screen shot of the email received by a client into an e-mail account, the client receives an email advising them to visit and login to your system to review the internal message.
This puts a password wall between the user reading the email and the message located in the portal keeping the communication confidential. They not only need access to the device to read the email, they also need to know the portal location the email & password and also if set, the two factor device to be able to read the message.
We do not place a link to your system within the emails, this prevents the possibility of the user receiving a Phishing email with a fake link to try and steal passwords. We push the positive security policy of never clicking links within emails and going direct to the source.