Feedback by UserVoice

Office 365 Security & Compliance

We have partnered with UserVoice, a third-party service and your use of the portal and your submission is subject to the UserVoice Terms of Service & Privacy Policy. Please do not send any novel or patentable ideas, copyrighted materials, samples or demos for which you do not want to grant a license to Microsoft.

Welcome to the Security (Protection) & Compliance UserVoice forum. We’re happy you’re here! If you have suggestions or ideas on how to improve Security or Compliance related features in O365, we’d love to hear them!

How it works
◾Check out the ideas others have suggested and vote on your favorites
◾If you have a suggestion that’s not listed yet, submit your own — 25 words or less, please
◾Include one suggestion per post

Thanks for joining our community and helping improve these features in Office 365!

Need Tech Support? Please see the O365 Community for the product or feature you are having issues with, or open a support ticket through your Office 365 administrator portal.

How can we improve compliance or protect your users better in Office 365?

You've used all your votes and won't be able to post a new idea, but you can still search and comment on existing ideas.

There are two ways to get more votes:

  • When an admin closes an idea you've voted on, you'll get your votes back from that idea.
  • You can remove your votes from an open idea you support.
  • To see ideas you have already voted on, select the "My feedback" filter and select "My open ideas".
(thinking…)

Enter your idea and we'll search to see if someone has already suggested it.

If a similar idea already exists, you can support and comment on it.

If it doesn't exist, you can post your idea so others can support it.

Enter your idea and we'll search to see if someone has already suggested it.

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Office 365 Message Encryption: User Driven Outlook Plugin

    Please provide an Outlook Plugin for users to initiate and encrypted email. I know this is on the roadmap for OWA, but most users are still using Outlook 2010+. Provide a new button directly under the current Send button that says, "Send Encrypted".

    Our client base can't depend on users typing in **encrypt** and Exchange DLP rules for Encryption.

    187 votes
    Vote
    Sign in
    Check!
    (thinking…)
    Reset
    or sign in with
    • facebook
    • google
      Password icon
      Signed in as (Sign out)
      You have left! (?) (thinking…)
    • The PDF reader doesn't work with View Permissions and IRM enabled

      IRM and PDF support in office 365 is virtually non existent, Microsoft needs a native PDF application which supports IRM, and the current solutions to use Foxit or NitroPDF don't work when you attempt to give a user view rights with IRM enabled - which totally defeats the purpose

      118 votes
      Vote
      Sign in
      Check!
      (thinking…)
      Reset
      or sign in with
      • facebook
      • google
        Password icon
        Signed in as (Sign out)
        You have left! (?) (thinking…)
      • OME v2 - Encrypt Only Template

        The new version of OME that is now more integrated into AIP, needs to have an encrypt only option such as you can configure using the message classification configuration.

        The DNF use case is too restrictive for our organisation.

        Thank you for consideration.

        89 votes
        Vote
        Sign in
        Check!
        (thinking…)
        Reset
        or sign in with
        • facebook
        • google
          Password icon
          Signed in as (Sign out)
          You have left! (?) (thinking…)
        • Allow for adjusting the link expiration time for an OME v2 encrypted message.

          Currently it appears set at 2 months. Would like to see ability to increase/decrease. Maybe max 1 year? Not sure the exact max needed, it would likely change by customer needs/retention policy.

          85 votes
          Vote
          Sign in
          Check!
          (thinking…)
          Reset
          or sign in with
          • facebook
          • google
            Password icon
            Signed in as (Sign out)
            You have left! (?) (thinking…)
          • Allow Journal decryption in OME

            Currently RMS-encrypted mails can be decrypted for the purposes of journaling, but OME-encrypted mails - even though also based on RMS - does not have the same option. Set-IRMConfiguration -JournalReportDecryptionEnabled $true is used to enable RMS journal decryption. I suggest something similar is developed and made available for OME.

            79 votes
            Vote
            Sign in
            Check!
            (thinking…)
            Reset
            or sign in with
            • facebook
            • google
              Password icon
              Signed in as (Sign out)
              You have left! (?) (thinking…)
              1 comment  ·  Message Encryption & Rights Management  ·  Flag idea as inappropriate…  ·  Admin →
            • Add ability to send the One-Time Passcode via SMS and NOT by e-mail

              Office 365 Message Encryption can be leveraged in case of a delegated inbox scenario. If an encrypted message is sent to a person who's inbox is delegated e.g. to a secretary the delegated has the ability to request a one-time passcode to the delegated inbox and so full access on the OME protected message can be gained.

              This scenario could be avoided by sending the one-time passcode using SMS because then the delegated has no access to the one-time passcode.

              74 votes
              Vote
              Sign in
              Check!
              (thinking…)
              Reset
              or sign in with
              • facebook
              • google
                Password icon
                Signed in as (Sign out)
                You have left! (?) (thinking…)
              • Office Message Encryption - Link instead of HTML attachment

                Enable encryption to be a link in the body of the message instead of an attachment. Many filters block html attachments.

                65 votes
                Vote
                Sign in
                Check!
                (thinking…)
                Reset
                or sign in with
                • facebook
                • google
                  Password icon
                  Signed in as (Sign out)
                  You have left! (?) (thinking…)
                • Ability to apply multiple Branding Options for Office 365 Message Encryption

                  Office 365 Message Encryption currently only provides the ability to specify one set of branding configurations (see https://technet.microsoft.com/en-us/library/dn569292.aspx). Large enterprises that have multiple entities need the ability to provide branding for each entity.

                  For example, if Contoso was comprised of entities Fabrikam, Northwind, and ADatum, each entity should be able to specify it's own branding for OME.

                  51 votes
                  Vote
                  Sign in
                  Check!
                  (thinking…)
                  Reset
                  or sign in with
                  • facebook
                  • google
                    Password icon
                    Signed in as (Sign out)
                    You have left! (?) (thinking…)
                  • Allow Office 365 users to transparently open OME encrypted emails within Outlook

                    If a user sends an email to multiple recipients including Office 365 users (internal or external) as well as non-Office 365 users that don't support TLS transport and wants to protect that email with OME, it has to be encrypted. This would lead to the situation where all recipients would have to go through the portal process to retrieve the message including the Office 365 users.

                    This would be a reason that TLS encryption for Office 365 users to reasonably protect emails is not adequate and OME is inconvenient for Office 365 users. This is the reason for my inquiry…

                    39 votes
                    Vote
                    Sign in
                    Check!
                    (thinking…)
                    Reset
                    or sign in with
                    • facebook
                    • google
                      Password icon
                      Signed in as (Sign out)
                      You have left! (?) (thinking…)
                    • Serious Bug in External Sharing

                      The security trimming is not working with external sharing switched on. Users are only supposed to see what they have been given access to see in SharePoint Online. However, when you share content externally as read only, users are still able to see the full Site Owner menu options for the items. They can also click on them, but then when trying to submit the change, they get an error saying access denied. (The errors messages are also not consistent causing more confusion - see deleting a document versus renaming it). This is a MAJOR design flaw as external sharing…

                      38 votes
                      Vote
                      Sign in
                      Check!
                      (thinking…)
                      Reset
                      or sign in with
                      • facebook
                      • google
                        Password icon
                        Signed in as (Sign out)
                        You have left! (?) (thinking…)
                      • Office 365 Message Encryption: Set Custom Subject in Notification Email

                        When an email with OME is sent, it is delivered to the recipient as a notification with instructions to view the message on the portal. The body of that notification is changed, but the subject of the original email is preserved. Please provide the option (another parameter in Set-OMEConfiguration) to set a custom subject for that notification email while still preserving the original subject when the recipient views the email in the portal.

                        For example, allow an administrator to replace the notification email's subject with something like "You have a new encrypted message." Ideally, it would be great if we…

                        32 votes
                        Vote
                        Sign in
                        Check!
                        (thinking…)
                        Reset
                        or sign in with
                        • facebook
                        • google
                          Password icon
                          Signed in as (Sign out)
                          You have left! (?) (thinking…)
                        • Read receipt for when encrypted email is read.

                          Products like ZIX are able to deliver a notification when someone reads the encrypted message they were sent.
                          Our Customer has requested this feature to be added in O365

                          31 votes
                          Vote
                          Sign in
                          Check!
                          (thinking…)
                          Reset
                          or sign in with
                          • facebook
                          • google
                            Password icon
                            Signed in as (Sign out)
                            You have left! (?) (thinking…)
                          • Simply enroll S/MIME certificates to users with 3rd Party Certificate Authority

                            Enrolling S/MIME certificates for email encryption/signing is such a pain. Could Microsoft team up with a 3rd Party CA like Thawte and easily enroll and configure this certificate to users in the organization? Microsoft should be able to configure the certificate in Outlook Client, Web Access and Outlook Apps without any user interaction required.

                            22 votes
                            Vote
                            Sign in
                            Check!
                            (thinking…)
                            Reset
                            or sign in with
                            • facebook
                            • google
                              Password icon
                              Signed in as (Sign out)
                              You have left! (?) (thinking…)
                            • Message Encryption Expiration

                              Microsoft states that they have the ability to do expiration for messages that are encrypted, but this is not actually true. When a ticket was opened, they just said it was in testing phase. There is no reason this should take that long to implement. Please correct documentation and add feature. https://blogs.office.com/2015/02/18/office-everywhere-encryption-everywhere/

                              22 votes
                              Vote
                              Sign in
                              Check!
                              (thinking…)
                              Reset
                              or sign in with
                              • facebook
                              • google
                                Password icon
                                Signed in as (Sign out)
                                You have left! (?) (thinking…)
                              • On Demand Encryption

                                Add the ability to provide On-Demand Office 365 Message Encryption through Outlook without requiring Rights Management (so it's viewable by external users).

                                This doesn't seem possible today with RMS templates. The workaround I am currently using is a mail flow rule to encrypt all messages that have #encrypt in the body.

                                19 votes
                                Vote
                                Sign in
                                Check!
                                (thinking…)
                                Reset
                                or sign in with
                                • facebook
                                • google
                                  Password icon
                                  Signed in as (Sign out)
                                  You have left! (?) (thinking…)
                                • "Encrypt" RMS template: seamless read not working in Outlook Online and Outlook ProPlus

                                  Hello,

                                  We have created a transport rule in Exchange Control Panel to apply Office 365 Message Encryption with RMS template "Encrypt" to emails having subject ending by " (crypted)".

                                  When we send an email matching the conditions, the rule is triggered.

                                  However, when the email is received in Outlook 2016 (ProPlus) or Outlook Online, it is not displayed directly as described on https://support.office.com/en-us/article/how-do-i-open-a-protected-message-1157a286-8ecc-4b1e-ac43-2a608fbf3098. Instead, a link to the web portal is displayed.

                                  We raised a support request on this (#7596564).

                                  Office 365 support told us to use the "Do Not Forward" RMS template. However this is not what we…

                                  17 votes
                                  Vote
                                  Sign in
                                  Check!
                                  (thinking…)
                                  Reset
                                  or sign in with
                                  • facebook
                                  • google
                                    Password icon
                                    Signed in as (Sign out)
                                    You have left! (?) (thinking…)
                                  • Office 365 Message Encryption - One time passcode not working outside Microsoft system

                                    The one time passcode was working few weeks ago for people outside of our organization, but it is no longer working and nothing has been changed from our end. I have been on a call with Microsoft Support and they told me that will not work with Gmail, which is not acceptable because our clients have their domain integrated with Google and they are using Gmail. It is also not working with Yahoo as well. OTP works with Hotmail because it is a Microsoft product. I know it works using a Microsoft Live account but that is not the point.…

                                    17 votes
                                    Vote
                                    Sign in
                                    Check!
                                    (thinking…)
                                    Reset
                                    or sign in with
                                    • facebook
                                    • google
                                      Password icon
                                      Signed in as (Sign out)
                                      You have left! (?) (thinking…)
                                      1 comment  ·  Message Encryption & Rights Management  ·  Flag idea as inappropriate…  ·  Admin →
                                    • Impliment multifactor authentication to better control the person that can decrypt email is the intended recipient

                                      Now if the email is accidently sent to the wrong person they can decrypt the email and have privileged information. We need better control to ensure that only the true intended person can open email.

                                      13 votes
                                      Vote
                                      Sign in
                                      Check!
                                      (thinking…)
                                      Reset
                                      or sign in with
                                      • facebook
                                      • google
                                        Password icon
                                        Signed in as (Sign out)
                                        You have left! (?) (thinking…)
                                        1 comment  ·  Message Encryption & Rights Management  ·  Flag idea as inappropriate…  ·  Admin →
                                      • RMS product support in the O365 product suite immature.

                                        No cross platform support even within the MS products (example: Office on Android).

                                        If you have RMS protected Document Libraries in SharePoint Online it is very difficult to use them in a day to day business across all platforms (Android, Apple iPad/MAC). The need to purchase 3rd party solutions to view PDF's for example is not desirable - Microsoft's own PDF reader on Win8 can't open an RMS document. There is also insufficient documentation from microsoft across the various configurations - a matrix is needed to work out how to open/edit RMS document types on the different platforms.

                                        10 votes
                                        Vote
                                        Sign in
                                        Check!
                                        (thinking…)
                                        Reset
                                        or sign in with
                                        • facebook
                                        • google
                                          Password icon
                                          Signed in as (Sign out)
                                          You have left! (?) (thinking…)
                                        • Decryption via One Time code for Gmail (3rd party email)

                                          Users receiving encrypted emails via 3rd party email (Gmail, etc) cannot use decryption via one-time code. They receive an error stating the operation could not be completed. Issue recreated by Microsoft Support and they recommended this improvement.

                                          10 votes
                                          Vote
                                          Sign in
                                          Check!
                                          (thinking…)
                                          Reset
                                          or sign in with
                                          • facebook
                                          • google
                                            Password icon
                                            Signed in as (Sign out)
                                            You have left! (?) (thinking…)
                                          ← Previous 1 3 4
                                          • Don't see your idea?

                                          Feedback and Knowledge Base