Nav Screen Region
Site Header Region
Page Header
Main Content Region

Microsoft Defender for Email

Email Security Transition: Proofpoint to Microsoft Defender

CSUSB will be transitioning from Proofpoint to Microsoft Defender for email spam and phishing protecting on December 17, 2025.

Student email in Gmail is NOT affected

Gmail protects student email in Gmail.

Student Employees also have an Outlook email account.  Defender will now protect the student employee emails in Outlook.

Defender integrates with Outlook, Teams, Sharepoint, and OneDrive

Why

Why We're Making This Change
Microsoft 365 A5 LicensingFinancial and Security Monitoring Benefits

As part of our strategic move to Microsoft Teams Phone, the university invested in comprehensive Microsoft 365 A5 licenses.

Moving to Defender leverages the benefits of the A5 licenses already used for Teams Phone.

  • Include enterprise-grade security tools across our entire digital ecosystem.
  • Delivers enhanced protection for:
    • Email, desktop, and mobile devices, all working seamlessly together through Microsoft's unified security platform.

By consolidating our security solutions under the Microsoft 365 A5 umbrella, we're achieving significant cost savings for the university.

  • No duplicative and expensive licensing for Proofpoint
  • Maximizing the value of our existing investment.
  • Leveraging Microsoft Defender Security Suite for Documents, Desktop and Email

Benefits

Benefits of Migrating to Defender
Advanced Email ProtectionEnhanced Desktop SecurityUnified Platform
  • Includes advanced threat protection
  • Safe Attachments
  • Safe Links
  • Sophisticated anti-phishing
  • Provides advanced threat hunting
  • Behavioral analysis
  • Automated investigation capabilities
  • Access to advanced threat intelligence and protection features included in Microsoft 365 A5 Licenses

Seamless integration across email, desktop, and mobile creates a cohesive security ecosystem

Timeline

Timeline from Review of Services to Migration by December 17 and Post-migration monitoring
Defender TImeline
TaskDetailsStatus
ITS Review of Duplicative Services
 Completed
Evaluation of Microsoft Defender
 Completed
Pre-Migration - September 2025Configuration and beta testing with select users to validate settings and performanceCompleted
October - November 2025Approval from IT Governance Sub-Committees and Executive Committee to transition to Microsoft DefenderCompleted
Expand Testing - October to November 2025Deploy to wider test group, ITS and volunteersCurrent
Cutover Date for Campus - December 17Full migration executed during the break to minimize impact on university operationsUpcoming
Post-MigrationMonitoring and fine-tuning to ensure optimal performance and user experienceUpcoming

How to Report Email

This feature is available on Outlook for Desktop, Mobile, and Web clients.

When viewing an email in Outlook, there are multiple ways to report it.

  • Using the top toolbar
  • Right-clicking an email
 
Benefits of the New Button
  • Faster processing of reported threats.Report button
  • Automatic analysis enhances detection.
  • Improved threat intelligence for better protection.
  • Seamless integration with Microsoft's security ecosystem.tent...

Report Using the Toolbar Button

How to Report Phishing (Toolbar)
  1. Select the email

  2. Click the Report button in the toolbar to Report as Phishing

    Report button

  3. A confirmation message appears

  4. Click Report or Cancel.
  5. Note: Click Don't ask again to skip the confirmation in the future.
How to Report Junk (Toolbar)
  1. Select the email.
  2. Click the dropdown arrow on the right of the Report button

  3. Choose Report Junk

    Dropdown Report menu - Choose Report Junk

  4. A confirmation message appears

  5. Click Report or Cancel.

    Note: Click Don't ask again to skip the confirmation in the future.

Report using Right-click

How to Report Phishing (Right-click
  1. Right-click the desired email

  2. Click/Select Report

    Report button

  3. Click Report phishing

    Report phishing menu

  4. A confirmation message appears

  5. Click Report or Cancel.

    Note: Click Don't ask again to skip the confirmation in the future.

How to Report Junk (Right-click)
  1. Right-click the desired email

  2. Click/Select Report

    Report button

  3. Click Report junk

    Report junk menu

  4. A confirmation message appears

  5. Click Report or Cancel.

    Note: Click Don't ask again to skip the confirmation in the future

 
 
 
Don't see the Report Button?

If you have ever customized your toolbar, you may not see the Report button.  

How to Add the Report button to your toolbar

  1. Click the 3 dots in the upper right of the toolbar to open settings.

  2. Click Customize Toolbar

    Customize Toolbar menu

  3. Drag Report up to the Toolbar

    Drag Report to toolbar

External tag on Email

Email indicating External tag in header
Example email indicating an External sender tag

What the Tag Means

  • The "External" tag clearly indicates that an email originated from outside our university's email system.
  • It applies to all messages not sent by a recognized sender.

Why It's Important

  • This visible indicator is a crucial step in our defense against sophisticated phishing attacks and impersonation attempts.
  • This enhancement is designed to boost our collective security awareness.

Your Awareness is Key

  • When you see the "External" tag, take a moment to verify the sender, assess the content, and hover over links before clicking.
  • Treat all external emails with heightened vigilance.

Domains that are considered internal

Emails sent from the following domains are considered internal and do not get an External tag:

  • csusb.edu
  • coyote.csusb.edu
  • groups.csusb.edu
  • calstate.edu
     
 
Extra caution needed

If an email appears to come from one of the above domains and has the "External" tag, exercise extra caution as the sender may not be legitimate.

Emails sent by third parties, e.g. Adobe Sign, Pageup, Microsoft will be marked External.