Sophos Email customers using IP-based mailflow rule connectors must migrate to certificate-based configuration by March 31st. To see if you're affected Click Here.

Portal Encryption for Sophos Email

Sophos Email Advanced Portal Encryption (or you may know it as Pull Encryption) is now available as an add-on product to Sophos Email Advanced. Portal Encryption allows email senders to securely deliver an encrypted email onto a web portal. The recipient of the email is notified to login to the web portal to read and reply to the encrypted email.

This enhancement allows organizations using Sophos Email Advanced to choose from the following email encryption methods – all support message sizes up to 50MB:

  • Send via TLS (included with Email Advanced): This prevents eavesdropping and tampering with the message in transit and uses push-based email encryption with AES 256 during email transport. Users manage their encrypted emails with their usual email client.
  • Push Encryption (included with Email Advanced): This method converts emails to PDF files. Encrypted emails are converted to PDF files and attachments are natively encrypted. These are delivered to the users' email client whey they can choose to reply via a secure portal. Learn more
  • Portal Encryption (new add-on): This delivers encrypted emails to the Sophos Secure Message portal where recipients can manage, read and reply to their encrypted messages. Portal Encryption is only available with a Central Portal Encryption add-on for the Email Advanced license.


Overview of Portal Encryption Features

  • Flexible policy control allows organizations to encrypt all outbound messages sent to a set list of recipient addresses and domains.
  • Send secure messages fast using the O365 add-in buttons for PC and Mac, or by adding the organizations custom subject line tag to the message i.e. “Secure: ***”.
  • Manage encrypted messages from Sophos Secure Message portal. Enabling recipients to view, reply and add attachments securely.
  • First time recipients receive a notification email containing a link to Sophos Secure Message portal where they quickly set up a Sophos Secure Message account.
  • The account can only be used for emails within the region that the original encrypted email came from. If users receive an encrypted email from another region, they must set up another account.


How to Activate Email Encryption

To activate encryption features with Sophos Email Advanced, go to Sophos Central Email section > Global Settings > Encryption settings. Customers and partners can then choose how to send secure messages.

  • Send via TLS: If TLS isn't available, the entire message is encrypted as a PDF file.
  • Push Encryption: Choose whether the whole email, including attachments, is encrypted, or just the attachments.
  • Portal Encryption [add-on]: Available once the add-on license has been added to your Sophos Central account. If Portal Encryption isn't available, the entire message is encrypted as a PDF file.


The Sophos Central free trials page will provide Email Advanced customers the offer to try Portal Encryption free for 30-days, and help guides are available now to all customers and partners here.

Parents Comment Children
No Data