But your service provider isn't your only worry. If you've opted for any third-party email integration, like combining your email with a third-party customer relationship management (CRM) provider (such as Salesforce), that opens your company's email up to either data-snooping apps deployed by Salesforce or to any data breaches that originate with that service. So the more informed you can be about what's attached to your email service, how that data's being used and accessed and especially by whom, the better off you'll be when it comes time to send confidential email.
You can also purchase Secure Sockets Layer certificates (starting at $69.99 per year), the software that's represented by a green padlock in your web browser when you visit, say, a financial institution's website. If you plan to sell products via your website, consider an SSL certificate an essential purchase, as it safeguards the data exchange between a customer and your servers.