Protect your Microsoft 365 users from malicious emails.
With M365 Security you can set up Post delivery protection. This includes Auto search and destroy, which searches your users' Microsoft 365 (formerly Office 365) mailboxes to identify and quarantine malicious emails.
You must add your Microsoft 365 tenant domains to Sophos Central in Email Security Dashboard before you can use Post delivery protection.
You must be a Super Admin to set up and manage connections to your Microsoft 365 tenants.
Set up M365 Security
When you set up M365 Security you must give permission for Sophos applications to access your Microsoft services. This allows us to scan users' inboxes for malicious emails.
You can find out how to set up M365 Security and turn on Auto search and destroy in Post delivery protection.
Manage Microsoft 365 connections
You can see the status of connections to your Microsoft 365 tenants in Overview > Global settings > Domain Settings / Status.
For more information see Domains Settings/Status.
Manage quarantined messages
Auto search and destroy automatically looks for malicious emails in your users' inboxes, and quarantines them. You can find quarantined emails from Microsoft 365 users in Email Security Dashboard > Quarantined Messages > Post delivery quarantine.
For more information see Quarantined Messages.
M365 Security reports are available in Overview > Logs & Reports > Post delivery summary.
For more information see Post delivery summary report.