This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Sophos Secure Email App - EOL


Just read this morning that the Sophos Secure Email App is being withdrawn from the Apple App Store in Dec 2023 and support for the app is being retired at the same time.

Being a long time user of the above app and Containerized Policies, what is the migration path for email?

The Retirement Document basically says this:-

Sophos Secure Email -> Apple User Enrolment

To say this is a bit vague is an understatement, can anyone advise what will replace Sophos Secure Email?



This thread was automatically locked due to age.
  • Hello  

    Thank you for reaching out to the community forum. 

    As the EOL date is nearing for the on-prem Sophos product. Here is the link for migrating from on-prem to Sophos mobile product in Sophos central.  This documentation explained the step-by-step process for both IOS and Android-managed devices.

    We encourage you to migrate to Sophos Central Management. 

    For the Secure Email app, Most likely, there’s no replacement as on central manage device, you can use the native email application installed on the mobile. 

    Glenn ArchieSeñas (GlennSen)
    Global Community Support Engineer

    The New Home of Sophos Support Videos!  Visit Sophos Techvids
  • Hi GlennSen,

    We are already on Sophos Central Mobile.

    This is what  I'm reading, Sophos Secure Email Section

    Sophos Secure Email

    We encourage existing customers using the Sophos Container apps (Sophos Secure Email and Secure Workspace) to transition to the Android and iOS equivalents (Android Work Profile and Apple User Enrolment). The Sophos Secure Email and Sophos Secure Workspace apps will be removed from the app stores in December 2023 and will not be supported after this date.

  • Hello Craig,

    Yes, there's no news about replacing the Sophos Secure email app, and most likely, there's no replacement for the said app.

    Glenn ArchieSeñas (GlennSen)
    Global Community Support Engineer

    The New Home of Sophos Support Videos!  Visit Sophos Techvids
  • Hi,

    sorry to bring up this old thread, but are there any news regarding a replacement?

    We used the Sophos Email App to have company contacts on our phones available, but restrict the access for WhatsApp, etc. to these contacts.

    Although there is a policy to prevent contacts from being saved via the Mail app, this is not a real alternative or solution.

    Does anyone have any ideas or alternatives to get around this problem? 

    Thanks :)

  • Hello  I just did the conversion from Sophos workspace container plus secure email over to the apple user enrollment solution. I'm not familiar with the android side of things, but if you would like more information on how/what we did for our solution on iOS I would be happy to answer in detail for you!

  • Hello Brett,

    thanks for your reply, but we are already using the user enrollment to deny the contact synchronisation to the device itsself.

    But we would like to be able to use the 'company contacts' for calling and beeing able to see who is calling - which was possible via the Sophos Email-App. So if you know an alternative solution to that issue feel free to contact me :) 

  • Hi,

    I've recently tested both the Native iOS email and Microsoft Outlook app, we've decided to go with the Outlook app as it provides better functionality than the native app. Outlook is a little more difficult to configure in the deployment stage, but I found the info here

    I understand what you are saying about not wanting users to save contacts from the email system to use on other apps, I'm also looking into this.


  • This is an incredible find! Thank you for sharing this! This will help with one of our workflows greatly!

  • Oh gotcha,

    Well I'm not sure if it's helpful, but from my understanding under Policies > User Policy > Restrictions: There is "Allow unmanaged apps to read contacts from managed accounts"

    Image about allowing unmanaged apps to read managed contacts.

    As long as this is checked on and the parent setting "Allow documents to be shared only within managed apps/accounts" is checked on, I believe this would solve your issue as it would allow the contacts app outside of APFS to see those contacts and therefore display the names of any called and/or calling work parties. This would however, allow any other non-managed apps to read these contacts too which should be used with care.

    However, when unenrolling the device, the contacts would be wiped from the device due to the APFS being removed.

    If you wish to still use the outlook app instead of the native email app, then you can go in to Policies > User Policy > Email Account: and then turn off "Synchronize mail" and turn off "User can change mail synchronization" and any other synchronizations you do not wish to synchronize to the APFS outside of the outlook app. 

    This comment is untested, but I believe my thinking is correct. I apologize if it is not!