New to Sophos Email: On-demand clawback, Google directory sync, and more

Sophos Email has everything you’ve come to expect from a world-class email security solution.

It leverages the most advanced threat intelligence, behavioral analysis, machine learning, and reputation analytics to keep malicious email from ever reaching your users’ inboxes.

But it doesn’t stop there: state of the art language processing, display name analysis, look-a-like domain checks, and post-delivery protection put a stop to benign-looking messages that later turn out to be malicious.

Add to that an entire suite of data loss prevention and encryption tools, Microsoft 365 integration, powerful message handling features, and shared threat intelligence with other Sophos products that enables you to identify previously unseen indicators of compromise and remove suspicious files across environments.

It’s a core pillar of our portfolio that extends visibility across Microsoft 365, cloud server workloads, endpoints, the network and more.

But we’re not slowing down one bit. In fact, we’ve recently accelerated Sophos Email development to include a host of new features and technologies.

On-demand clawback

Sophos Email post-delivery protection automatically removes messages containing attachments and URLs that are benign at the time of delivery but later become active and malicious.

With on-demand clawback, administrators can now manually remove any message from users’ inboxes with the click of a button in the Sophos Central admin console. No more wading through Microsoft Exchange or security consoles and having to run PowerShell scripts.

This feature is available to all customers running Microsoft 365 with post-delivery protection enabled. It’s a great tool for removing messages that might not be malicious but that may contain sensitive or confidential information.

The next evolution of our clawback capabilities will be our API and alerting into the Managed Detection and Response (MDR) Console, which is due out this quarter and will provide our MDR analysts with the ability to remove threats and stop active malicious email campaigns directly from their consoles.

Mail flow rules (MFR) tamper protection

Also for Microsoft 365 customers is our new mail flow rules tamper protection. Changes to mail flow rules can inadvertently break mail flow. This new feature alerts customers and provides one-click resolution, restoration, and correction to configurations and mail flow.

Google directory sync

Using Google Workspace instead? We’ve added directory synchronization features that make it a snap to keep your Workspace users and mailboxes up to date inside the Sophos Central console. No need for manual configuration or roundabout synchronization with Microsoft Azure first.

Admin access to end-user lists

And that’s not all. We’ve added a new and highly-requested feature: admin access to end user allow and block lists, complete with import, export, and the ability to search, add, and delete entries directly from within the Sophos Central console. This feature was one of the top customer and field requests over the last 18 months and will reduce support tickets while enhancing the experience for both admins and end users.

And there’s more!

I’m from South Louisiana, so we call this “lagniappe” (a little extra).

We’ve also added new smart banners for plain-text messages and messages that might be unscannable due to key-signing, password protection, or encryption. And coming in the Q3 timeframe, we’re adding the ability to control which languages and countries of origin are allowed to deliver email to inboxes.

And that’s just the beginning. Check out for further enhancements or reach out to your Sophos rep with any questions.

Source: Sophos