Sophos Email customers using IP-based mailflow rule connectors must migrate to certificate-based configuration by March 31st. To see if you're affected Click Here.

Data loss prevention for Sophos Email Advanced is now live in Sophos Central, and included with the Sophos Email Advanced licence. Allowing you to protect sensitive information, with discovery of financials, confidential contents, health information, and PII in all emails and attachments.

Now combined in one license, with a single policy management view. Data loss prevention and content control provide advanced data breach prevention, with policy-based email encryption built-in.

Adding to the encryption launch and announced earlier in the year and recent enforced TLS connection update, DLP will enhance the existing content control policies already available with Sophos Email Advanced. With any existing content control rules automatically migrated to your new DLP policies, along with any created during the EAP. This provides a very powerful feature set, delivered simply through Sophos Central. Allowing you to save time, managing data protection for email, alongside endpoint from a single management console.


Flexible policy management

Expanding on content control filtering of inbound and outbound messages for keywords and file types, DLP now allows you to add new rule types for sensitive information and CCLs:

  • Protect important information with sensitive CCL-based policy templates to detect financials, confidential contents, health information, and PII (Personally identifiable information).
  • Create custom CCLs using Sophos Content Control Lists or customize out of the box templates for specific CCLs such as HIPAA, under Health Information, and PCI under Financial Information.
  • Plus, new regex support in keyword rules and the ability to import keywords.



Create custom rules

Simple to use policy wizards now allow you to define up to 50 rules per policy (25 inbound / 25 outbound), with new drag and drop tools to fine tune the priority order of rules:

  • Create multiple policies for groups and individual users.
  • Filter inbound and outbound messages for keywords and file types.
  • Apply new policy actions to re-direct inbound emails to a specified email-address, and encrypt outbound messages, or bounce them back to the sender with subject line tag.
  • This, in addition to existing content control actions to quarantine, delete or strip attachments from email messages. While rules now allow you to notify both the recipient and administrator of violations.



Clear reporting

Helping busy teams to simply understand the threats they face is what Sophos Email does so well, and DLP delivers powerful reports to that make tracking policy violations easy:

  • Search the past year of activity logs by sender, recipient, or DLP rule triggered.
  • Filter search results by date, direction (inbound or outbound), and rule category.
  • Even enroll users violating DLP policies directly into Sophos Phish Threat training programs to increase their awareness of data loss risks, as well as a complete range of cybersecurity threat awareness courses, and phishing simulation emails.


Download the latest “What’s New” guide for Sophos Email below to catch up on the very latest additions to your service


  • All features listed in the article apply to Sophos Email Advanced license customers only
  • Sophos Email Advanced customers who took part in the Sophos Email data loss prevention early access program (EAP) will retain any policies created during the EAP
  • These features have been automatically added in Sophos Central, however, you are required to activate and define your custom policy settings via the policy section
  • No custom settings will be affected by this update