Sophos Secure Email App - EOL


Just read this morning that the Sophos Secure Email App is being withdrawn from the Apple App Store in Dec 2023 and support for the app is being retired at the same time.

Being a long time user of the above app and Containerized Policies, what is the migration path for email?

The Retirement Document basically says this:-

Sophos Secure Email -> Apple User Enrolment

To say this is a bit vague is an understatement, can anyone advise what will replace Sophos Secure Email?



Added Tags
[edited by: Gladys at 10:37 AM (GMT -7) on 4 Sep 2023]
  • Hi,

    sorry to bring up this old thread, but are there any news regarding a replacement?

    We used the Sophos Email App to have company contacts on our phones available, but restrict the access for WhatsApp, etc. to these contacts.

    Although there is a policy to prevent contacts from being saved via the Mail app, this is not a real alternative or solution.

    Does anyone have any ideas or alternatives to get around this problem? 

    Thanks :)

  • Hello  I just did the conversion from Sophos workspace container plus secure email over to the apple user enrollment solution. I'm not familiar with the android side of things, but if you would like more information on how/what we did for our solution on iOS I would be happy to answer in detail for you!

  • Hello Brett,

    thanks for your reply, but we are already using the user enrollment to deny the contact synchronisation to the device itsself.

    But we would like to be able to use the 'company contacts' for calling and beeing able to see who is calling - which was possible via the Sophos Email-App. So if you know an alternative solution to that issue feel free to contact me :) 

  • Oh gotcha,

    Well I'm not sure if it's helpful, but from my understanding under Policies > User Policy > Restrictions: There is "Allow unmanaged apps to read contacts from managed accounts"

    Image about allowing unmanaged apps to read managed contacts.

    As long as this is checked on and the parent setting "Allow documents to be shared only within managed apps/accounts" is checked on, I believe this would solve your issue as it would allow the contacts app outside of APFS to see those contacts and therefore display the names of any called and/or calling work parties. This would however, allow any other non-managed apps to read these contacts too which should be used with care.

    However, when unenrolling the device, the contacts would be wiped from the device due to the APFS being removed.

    If you wish to still use the outlook app instead of the native email app, then you can go in to Policies > User Policy > Email Account: and then turn off "Synchronize mail" and turn off "User can change mail synchronization" and any other synchronizations you do not wish to synchronize to the APFS outside of the outlook app. 

    This comment is untested, but I believe my thinking is correct. I apologize if it is not!

  • Hi Brett,

    thanks for your reply. This worked and solved our problems!

Reply Children
No Data