Nav Screen Region
Site Header Region
Page Header
Main Content Region

Microsoft Defender for Email

Email Security Transition: Proofpoint to Microsoft Defender

CSUSB will transition from Proofpoint to Microsoft Defender for Office 365 as our primary email security solution on Wednesday, December 17, 2025.

Defender integrates with Outlook, Teams, Sharepoint, and OneDrive

How To Use

Not using Outlook?

If you use an email client other than Microsoft Outlook (such as Thunderbird, Apple Mail, or other third-party applications), you can continue to report suspicious emails by forwarding them to abuse@csusb.edu. Our security team monitors this inbox and will investigate all reported messages.

Student email in Gmail is NOT affected

Gmail protects student email in Gmail.

Student Employees also have an Outlook email account.  Defender will now protect the student employee emails in Outlook.

Quick-use guides on the basics of Defender are provided below.  Training sessions are also being offered in-person and via zoom.

Training Schedule

  • Tuesday, January 6 | 10:00–11:00 a.m. | How to Use Defender | PL-1104 and via Zoom
  • Tuesday, January 12 | 10:00–11:00 a.m. | How to Use Defender | PL-1104 and via Zoom

 

 
Benefits of the New Button
  • Faster processing of reported threats.Report button
  • Automatic analysis enhances detection.
  • Improved threat intelligence for better protection.
  • Seamless integration with Microsoft's security ecosystem.tent...

What You Will Notice

  1. "External" Email Tag – Emails from outside the university will display an "External" label, helping you quickly identify messages that require extra vigilance. This is an important defense against phishing and impersonation attempts.
  2. New Reporting Tools – Native to Microsoft Outlook (Desktop, Mobile, and Web), you'll have access to new "Report Phishing" and "Report Junk" buttons for easier reporting of suspicious emails. You will find instructions on our project page.
  3. New Quarantine Dashboard – A new Microsoft Defender quarantine dashboard where you can preview quarantined spam and phishing emails, and release them if any emails are accidentally quarantined.

How to Report Email

This feature is available on Outlook for Desktop, Mobile, and Web clients.

When viewing an email in Outlook, there are multiple ways to report it.

  • Using the top toolbar
  • Right-clicking an email

Report Using the Toolbar Button

How to Report Phishing (Toolbar)
  1. Select the email

  2. Click the Report button in the toolbar to Report as Phishing

    Report button

  3. A confirmation message appears

  4. Click Report or Cancel.
  5. Note: Click Don't ask again to skip the confirmation in the future.
How to Report Junk (Toolbar)
  1. Select the email.
  2. Click the dropdown arrow on the right of the Report button

  3. Choose Report Junk

    Dropdown Report menu - Choose Report Junk

  4. A confirmation message appears

  5. Click Report or Cancel.

    Note: Click Don't ask again to skip the confirmation in the future.

How to Report Phishing (Right-click
  1. Right-click the desired email

  2. Click/Select Report

    Report button

  3. Click Report phishing

    Report phishing menu

  4. A confirmation message appears

  5. Click Report or Cancel.

    Note: Click Don't ask again to skip the confirmation in the future.

How to Report Junk (Right-click)
  1. Right-click the desired email

  2. Click/Select Report

    Report button

  3. Click Report junk

    Report junk menu

  4. A confirmation message appears

  5. Click Report or Cancel.

    Note: Click Don't ask again to skip the confirmation in the future

 

Don't see the Report button?

If you have ever customized your toolbar, you may not see the Report button.  

How to Add the Report Button to your Toolbar
  1. Click the 3 dots in the upper right of the toolbar to open settings.

  2. Click Customize Toolbar

    Customize Toolbar menu

  3. Drag Report up to the Toolbar

    Drag Report to toolbar

External tag on Email

Email indicating External tag in header
Example email indicating an External sender tag

What the Tag Means

  • The "External" tag clearly indicates that an email originated from outside our university's email system.
  • It applies to all messages not sent by a recognized sender.

Why It's Important

  • This visible indicator is a crucial step in our defense against sophisticated phishing attacks and impersonation attempts.
  • This enhancement is designed to boost our collective security awareness.

Your Awareness is Key

  • When you see the "External" tag, take a moment to verify the sender, assess the content, and hover over links before clicking.
  • Treat all external emails with heightened vigilance.

Domains that are considered internal

Emails sent from the following domains are considered internal and do not get an External tag:

  • csusb.edu
  • coyote.csusb.edu
  • groups.csusb.edu
  • calstate.edu
     
 
Extra caution needed

If an email appears to come from one of the above domains and has the "External" tag, exercise extra caution as the sender may not be legitimate.

Emails sent by third parties, e.g. Adobe Sign, Pageup, Microsoft will be marked External.

Why

Why We're Making This Change
Microsoft 365 A5 LicensingFinancial and Security Monitoring Benefits

As part of our strategic move to Microsoft Teams Phone, the university invested in comprehensive Microsoft 365 A5 licenses.

Moving to Defender leverages the benefits of the A5 licenses already used for Teams Phone.

  • Include enterprise-grade security tools across our entire digital ecosystem.
  • Delivers enhanced protection for:
    • Email, desktop, and mobile devices, all working seamlessly together through Microsoft's unified security platform.

By consolidating our security solutions under the Microsoft 365 A5 umbrella, we're achieving significant cost savings for the university.

  • No duplicative and expensive licensing for Proofpoint
  • Maximizing the value of our existing investment.
  • Leveraging Microsoft Defender Security Suite for Documents, Desktop and Email

Benefits

Benefits of Migrating to Defender
Advanced Email ProtectionEnhanced Desktop SecurityUnified Platform
  • Includes advanced threat protection
  • Safe Attachments
  • Safe Links
  • Sophisticated anti-phishing
  • Provides advanced threat hunting
  • Behavioral analysis
  • Automated investigation capabilities
  • Access to advanced threat intelligence and protection features included in Microsoft 365 A5 Licenses

Seamless integration across email, desktop, and mobile creates a cohesive security ecosystem

Timeline

Timeline from Review of Services to Migration by December 17 and Post-migration monitoring
Defender TImeline
TaskDetailsStatus
ITS Review of Duplicative Services
 Completed
Evaluation of Microsoft Defender
 Completed
Pre-Migration - September 2025Configuration and beta testing with select users to validate settings and performanceCompleted
October - November 2025Approval from IT Governance Sub-Committees and Executive Committee to transition to Microsoft DefenderCompleted
Expand Testing - October to November 2025Deploy to wider test group, ITS and volunteersCurrent
Cutover Date for Campus - December 17Full migration executed during the break to minimize impact on university operationsUpcoming
Post-MigrationMonitoring and fine-tuning to ensure optimal performance and user experienceUpcoming

Additional Resources and Support

  • Report suspicious emails to: abuse@csusb.edu
  • Contact the Technology Support Center for assistance: (909) 537-7677