“compared to what” is the important question for this kind of analysis. I currently have Google hosting e-mail for my domain (and as of last year, I’m paying for it). I’ve considered moving it to save money, and currently laziness is winning over frugality. I suspect security would go down if I used a free provider, and both convenience and security down if I self-hosted (as I did this for many years, but not as well as Google).
Also consider your phone identity, separately from your e-mail. Using GFi means your UI is tied to Google, but there are annoying old-school telecom infrastructure behind it that may make it more vulnerable than your e-mail account. I’m not sure there’s much you can do about it beyond “prefer hardware or app 2FA over SMS, and prefer e-mail account identity over phone number”.
“compared to what” is the important question for this kind of analysis. I currently have Google hosting e-mail for my domain (and as of last year, I’m paying for it). I’ve considered moving it to save money, and currently laziness is winning over frugality. I suspect security would go down if I used a free provider, and both convenience and security down if I self-hosted (as I did this for many years, but not as well as Google).
Also consider your phone identity, separately from your e-mail. Using GFi means your UI is tied to Google, but there are annoying old-school telecom infrastructure behind it that may make it more vulnerable than your e-mail account. I’m not sure there’s much you can do about it beyond “prefer hardware or app 2FA over SMS, and prefer e-mail account identity over phone number”.