Feedback by UserVoice

Office 365 Security & Compliance

We have partnered with UserVoice, a third-party service and your use of the portal and your submission is subject to the UserVoice Terms of Service & Privacy Policy. Please do not send any novel or patentable ideas, copyrighted materials, samples or demos for which you do not want to grant a license to Microsoft.

Welcome to the Security (Protection) & Compliance UserVoice forum. We’re happy you’re here! If you have suggestions or ideas on how to improve Security or Compliance related features in O365, we’d love to hear them!

How it works
◾Check out the ideas others have suggested and vote on your favorites
◾If you have a suggestion that’s not listed yet, submit your own — 25 words or less, please
◾Include one suggestion per post

Thanks for joining our community and helping improve these features in Office 365!

Need Tech Support? Please see the O365 Community for the product or feature you are having issues with, or open a support ticket through your Office 365 administrator portal.

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Safelinks and other security needs not only the url list but a way to say if coming from this Domain don't convert to safelink.

    Would like to see a way for SAFELINKS to not only have exceptions for URLs but also Domains.
    Our organization has some additional domains that have sends meetings invites such as teams to the main domain. Safelinks causes issues so we would like to set it up so any email coming from this domain will not have Safelinks. This domain already has a security suite and safelinks for external, so any internal email sent from this domain we don't want safelinks.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Malware  ·  Flag idea as inappropriate…  ·  Admin →
  2. 1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Malware  ·  Flag idea as inappropriate…  ·  Admin →
  3. ransomware

    I want to report the other day A screen appeared in a window which I believe was an attempt at ransomware, It said it was from Microsoft, which I don't believe, it said that my device had a virus and that I should call Microsoft right away. It also warned not to close the page and if I didn't comply they would disable my computer. It said the virus was number 268B3 and I should call Microsoft at 1-888-814-9523. I hope you can find the criminal and take him or her off the cyberspace.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Malware  ·  Flag idea as inappropriate…  ·  Admin →
  4. Please do something about when an app takes too long to load. It is very frustrating, especially when you need to do something important

    I was going to use PowerPoint to create a presentation and it needs to be done as soon as possible, but every time I would click on the button, it still wouldn't work, even if I refreshed many times. I go back and forth to this site to check if it's working properly already but no. The others worked fine but not PowerPoint. I hope you'll do something about this. BTW I have no concerns about my internet connection as well

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Malware  ·  Flag idea as inappropriate…  ·  Admin →
  5. dotm files should be included in protection especially since I can't add my own definitions

    Today my boss received a .dotm file from an unknown person. Luckily he is smart enough not to open those files, but we should be able to have dotm files included in protection or at least add our own definitions since apparently it take a village to do this :/

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Malware  ·  Flag idea as inappropriate…  ·  Admin →
  6. Why run the MS Click-to-Run without explicit permission from me, owner of the computer? A simple pop-up with explanations would suffice

    If MS want to initiate its Click-to-Run streaming service, it should obtain explicit permission from me, the user and owner of the computer. A simple pop-up with explanations would suffice. But MS chooses to decide to push this software-as-a-service component without permission, somewhat reminiscent of malware. That is not nice behavior. Moreover, I cannot find a way to disable this functionality which I do not want.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Malware  ·  Flag idea as inappropriate…  ·  Admin →
  7. マルウェアを検知したときの通知メールの言語を変更できるようにしたい

    マルウェアを検知した際の通知メールの言語は英語と日本語のみと認識しています
    通知メールの言語を英語から日本語に変更できるようにしたいです

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Malware  ·  Flag idea as inappropriate…  ·  Admin →
  8. Intune Policy based deployment

    Policy based deployment which at least encompasses capability to automate deployment of updates. e.g. Granular calendar based control to deploy say deploy all security updates to these specific groups on 21st of every month etc. You may want to use the new Azure AD dynamic grouping, at this time I know nothing about this as it's not rolled out yet.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Malware  ·  Flag idea as inappropriate…  ·  Admin →
  9. When an email from an external sender is sent to hosted quarantine for any reason (i.e. attachment type), notify the sender with reason.

    We have a transport rule that moves external email with specific attachment types to hosted quarantine - so we can release them if we need to. We would like to be able to send replies to the sender - asking them to consider re-submitting their email with an acceptable document type such as PDF.
    We could do this if we simply blocked the message altogether, but the idea of hosted quarantine is that we can review and release if it is necessary, without involving the original sender.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Malware  ·  Flag idea as inappropriate…  ·  Admin →
  10. Allow searching of second level malware family without adding top malware family as search item

    The threat explorer allows to search for malware families. You need to enter either the top-level Malware Family or top-level+second-level malware family. This makes searching for malware, without knowing the exact top level family very difficult.

    Example : Searching for "DDE".
    In order to find all malware related to DDE you need to include "O97M" (top malware) in the search for DDEDownloader.C

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Malware  ·  Flag idea as inappropriate…  ·  Admin →
  11. Ability to whitelist 3rd party anti-phish reporting tools

    Although the malware filters are working as expected, some companies I have worked for use third party tools (i.e. PhishMe or PhishGuru) to mitigate Phishing and Spam emails.

    These tools come with Outlook Add-in's for users to submit emails that did not get blocked originally. Since the malicious email made it through to the users mailbox, by the time they submit to such a service, the email gets blocked by the Malware filter now, recognized the malicious and therefore it goes unreported or in our case the user gets an email from EOP station that the message was rejected as…

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Malware  ·  Flag idea as inappropriate…  ·  Admin →
  12. Freedom of custom text

    I want to be able to change the content of the notification text for each detected email when an email is detected as malware.

    This request is based on customer's voice.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Malware  ·  Flag idea as inappropriate…  ·  Admin →
  13. 1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Malware  ·  Flag idea as inappropriate…  ·  Admin →
1 2 3 5 Next →
  • Don't see your idea?

Feedback and Knowledge Base