Sophos and Rubrik have officially launched Sophos Backup and Recovery Powered by Rubrik Cyber Resilience, a Microsoft 365 backup and recovery service now generally available worldwide as of June 1, 2026. The service is integrated directly into Sophos Central, the unified management platform used by Sophos customers to oversee their security infrastructure. This move delivers native, automated protection for Microsoft 365 data, addressing a critical gap many organizations face under the shared responsibility model of cloud services.

The announcement marks a significant expansion of the Sophos partnership with Rubrik, bringing Rubrik's proven cyber resilience and data protection capabilities to the Sophos ecosystem. For IT administrators and security teams already invested in Sophos solutions, the ability to manage Microsoft 365 backups alongside their existing endpoint, network, and cloud security tools from a single console simplifies operations and strengthens overall defense postures.

The Shared Responsibility Blind Spot

Microsoft 365 has become the backbone of productivity for businesses worldwide, but its native data protection features remain limited. Microsoft ensures service availability and infrastructure resilience, but the responsibility for protecting customer data—against accidental deletion, ransomware, insider threats, or malicious actors—falls squarely on the subscriber.

Without a dedicated third-party backup solution, organizations risk losing critical emails, files, SharePoint libraries, and Teams conversations permanently. The recycle bin and basic retention policies offer a false sense of security; they cannot protect against sophisticated ransomware attacks that encrypt or exfiltrate data, nor can they provide granular, point-in-time recovery across the entire Microsoft 365 suite.

Sophos Backup and Recovery Powered by Rubrik Cyber Resilience directly confronts this exposure. By adding it to Sophos Central, the company gives its customers a straightforward path to closing the backup gap without introducing yet another standalone tool or console.

Partnership Rationale

Sophos has long focused on adaptive cybersecurity, consistently broadening its portfolio from endpoint protection to firewalls, email security, and managed detection and response (MDR). Rubrik, on the other hand, has established itself as a leader in zero-trust data management and cyber resilience, with a platform that emphasizes immutability, rapid recovery, and integration with security ecosystems.

Combining Sophos Central's centralized management with Rubrik's data protection engine creates a compelling proposition. Customers gain access to enterprise-grade Microsoft 365 backup capabilities that are seamlessly woven into the same interface they use for threat hunting, policy enforcement, and incident response. This convergence of security and data protection reflects a broader industry trend where cyber resilience is no longer treated as a separate discipline but as an integral part of a holistic security strategy.

Key Capabilities and Integration

While the full technical specifications have not been publicly detailed, the service is expected to deliver core backup and recovery functions tailored to Microsoft 365 workloads, including Exchange Online, SharePoint Online, OneDrive for Business, and Microsoft Teams. Drawing on Rubrik's technology, it likely features:

  • Automated backups with configurable retention policies
  • Point-in-time recovery to restore individual items, mailboxes, sites, or entire workloads
  • Immutable storage to safeguard backup copies against tampering or ransomware
  • Role-based access controls to limit who can initiate restores or modify backup configurations
  • Detailed audit logs and reporting for compliance

Integration into Sophos Central means administrators can set up and manage backups through a familiar workflow. They can apply existing groups, tags, and policies to backup jobs, ensuring that protection aligns with organizational structures and security policies already in place. Moreover, coupling backup health with the security alerts in Sophos Central may allow for smarter incident response—for example, automatically isolating an endpoint that triggers a ransomware alert while simultaneously initiating a recovery of the user’s OneDrive files from a clean snapshot.

Cyber Resilience as a Service

Sophos describes the offering as “powered by Rubrik Cyber Resilience,” underscoring that this is more than simple backup. Cyber resilience implies the ability to withstand, respond to, and recover from cyber incidents without significant data loss or extended downtime. For Microsoft 365, that means not just having backups but having backups that are air-gapped from the production environment, cryptographically protected, and recoverable in minutes.

In an era where ransomware groups actively seek out backup systems to destroy them before launching encryption attacks, an immutable backup repository is no longer optional—it is essential. Rubrik’s architecture inherently prevents backup deletion or modification, regardless of privileged account compromise, because it operates on a zero-trust model where even an administrator cannot delete the backup data once it is written. This capability, now available through Sophos Central, provides a critical safety net for organizations of all sizes.

Pricing and Availability

The service became generally available on June 1, 2026, to Sophos customers globally. While specific pricing has not been disclosed, it is expected to follow the standard Sophos Central subscription model, likely based on the number of protected Microsoft 365 users or the volume of data stored. Interested customers can contact Sophos sales representatives or their channel partners for a quote.

Sophos has indicated that the service will be updated regularly, with additional features and deeper integrations rolling out over time. As cyber threats evolve, the ability to rapidly adapt protection strategies—including backup and recovery—will be vital.

Industry Context

The launch comes at a time when regulatory pressures and cyber insurance requirements are pushing organizations to adopt robust data protection measures. Many frameworks now explicitly mandate off-site, immutable backups as a prerequisite for coverage or compliance. By embedding Rubrik's technology into its platform, Sophos is betting that customers will favor a unified security suite over piecing together disparate point solutions.

Competition in the SaaS backup space is fierce, with established players like Veeam, AvePoint, and Acronis offering their own Microsoft 365 backup products. However, the tight coupling with Sophos' security stack could be a differentiator, particularly for the mid-market and enterprises that already rely on Sophos for endpoint detection, firewall management, and MDR.

Early Reception and Outlook

Although the announcement is recent, initial reactions from the Sophos community highlight the natural appeal of a consolidated management experience. Administrators often express fatigue from juggling multiple dashboards, and the prospect of managing backups in the same pane of glass as threat alerts resonates strongly.

Challenges may include ensuring that the backup performance meets the standards set by dedicated Rubrik deployments and that the integration is deep enough to warrant migration from existing backup tools. However, given Rubrik’s reputation and Sophos' track record of platform evolution, these are likely to be refined in subsequent updates.

The arrival of Sophos Backup and Recovery Powered by Rubrik Cyber Resilience signals a maturation of the security industry's approach to data protection—where backup is not an afterthought but a first-class component of the security posture. For Windows and Microsoft 365 users within the Sophos ecosystem, the addition delivers a seamless, powerful new tool to keep data safe and businesses running.