Feedback by UserVoice

Office 365 Security & Compliance

We have partnered with UserVoice, a third-party service and your use of the portal and your submission is subject to the UserVoice Terms of Service & Privacy Policy. Please do not send any novel or patentable ideas, copyrighted materials, samples or demos for which you do not want to grant a license to Microsoft.

Welcome to the Security (Protection) & Compliance UserVoice forum. We’re happy you’re here! If you have suggestions or ideas on how to improve Security or Compliance related features in O365, we’d love to hear them!

How it works
◾Check out the ideas others have suggested and vote on your favorites
◾If you have a suggestion that’s not listed yet, submit your own — 25 words or less, please
◾Include one suggestion per post

Thanks for joining our community and helping improve these features in Office 365!

Need Tech Support? Please see the O365 Community for the product or feature you are having issues with, or open a support ticket through your Office 365 administrator portal.

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Push DLPRuleMatch INFO when Policy Tip is shown (outlook online)

    When a user gets a policy tip that their email contains sensitive data, they aren't allowed to send the email until they remove the data.
    In this scenario the management api doesnt get notified that this event ever occured and can't tell that a user was blocked from working.

    Would like the send button press to be detected and to send a rulematch event to the management api.

    60 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    2 comments  ·  DLP & Transport Rules  ·  Flag idea as inappropriate…  ·  Admin →
  2. Report an issue button on Onedrive not triggering false positive event

    From onedrive or sharepoint on the web. Sensitive data is blocked by dlp policy. I click into the policy tip, I click 'Report an Issue', issue is reported.

    I see no evidence of it in the logs or protection.office dashboards. I checked DLP.All content and sharepoint content, 'DlpInfo' event should be sent to the logs, but I dont see them.

    39 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  DLP & Transport Rules  ·  Flag idea as inappropriate…  ·  Admin →
  3. Ability to view the data that triggered the DLP rule(s) inside the alerts in Security and Compliance center

    Ability to view the data that triggered the DLP rule(s) inside the alerts in Security and Compliance center

    When you create an alert policy for any DLP rules that are triggered, the alert itself does not show what original data triggered the alert.

    It would be nice to have a hyperlink to the offending email/file(s) instead on having to rely on alternative means to find the data.

    24 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  DLP & Transport Rules  ·  Flag idea as inappropriate…  ·  Admin →
  4. Allow Admins to rename DLP Policy Names

    Allow Admins to rename DLP Policy Names
    Once a DLP Policy is created, the name is grayed out.
    This means that a change of name will imply creating a new complex DLP Policy whereas, allowing a name change will save a lot of time and effort in creating a new policy due to a name change.

    16 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    2 comments  ·  DLP & Transport Rules  ·  Flag idea as inappropriate…  ·  Admin →
  5. Allow DLP Policy/Rule name changes

    When you name a DLP policy or rule within a DLP policy the name is no longer editable. It would save a lot of time and effort if we could change the name of the policy/rule after it is created rather than having to create the entire policy/rule again. Having to recreate a policy/rule just because we need to rename it, is not only inefficient, it introduces the opportunity for errors in the recreation.

    9 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  DLP & Transport Rules  ·  Flag idea as inappropriate…  ·  Admin →
  6. send user notification without email attached in Data Loss Prevention

    enable sending an alert to the user that his email is blocked without the original email attached

    5 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  DLP & Transport Rules  ·  Flag idea as inappropriate…  ·  Admin →
  7. Allow DLP policies to scan more than body/attachments

    DLP policies set up through Security and Compliance Center should be able to scan headers, metadata etc.

    5 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  DLP & Transport Rules  ·  Flag idea as inappropriate…  ·  Admin →
  8. DLP - apply redaction as an action

    Office 365 deals in data yet it is missing a vital function, data redaction. Most issues would never rear their ugly head if content was redacted. DLP can force content to not be downloaded among other functions, but there needs to be an action of redacting. Auto redact the content in question as an "action" that can take place in the system. If you have started adding this to Discovery holds, this needs to be a preventative in DLP. "Companies" know their system of record and where data is to be placed. "Users" usually have issues applying this,---this is where…

    4 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  DLP & Transport Rules  ·  Flag idea as inappropriate…  ·  Admin →
  9. Redact sensitive information from DLP API Data

    Sending DLP API data to a Splunk Server and would like to be able to redact sensitive information (eg:credit card numbers) from the logs.

    4 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  DLP & Transport Rules  ·  Flag idea as inappropriate…  ·  Admin →
  10. Block downloading of files to local non-Domain machines from within Teams app

    Whilst I'm fine with users utilising Teams on their home machines for necessary video-conferencing (as we primarily use a VDI environment, which has issues with webcam quality due to the passthrough) I don't want them able to download files to their machines instead of accessing them within the secure Teams window. This functionality is already in the browser-only instance of Teams at teams.microsoft.com . Implementing Company Portal is simply not feasible when users are all working remotely, and for guest users already abiding by other Company Portal restrictions from other organisations this will them mean they can't use our Teams…

    3 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  DLP & Transport Rules  ·  Flag idea as inappropriate…  ·  Admin →
  11. Allow Exchange Online and Teams Retention Policies to work side-by-side.

    The new Teams Retention ability does work when an Exchange Online Retention policy is applied to the mailbox.

    For Example:

    Teams Retention is applied as below:
    [Delete chats after 1-day]

    Exchange Online retention is applied to the mailbox as below:
    [Delete items in Inbox after 5-years.]

    In order to get the Teams retention to work properly we had to remove the Exchange Online retention completely.

    Please provide the ability for Teams and Exchange Online retention to work side-by-side.

    3 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  DLP & Transport Rules  ·  Flag idea as inappropriate…  ·  Admin →
  12. Improve DLP Policy Analysis that should result filter word or activity.

    Office 365 have functionality to block words with transport rule on Exchange but it we could not find exact work which blocked.
    We have search manually and it is time consuming job. Office 365 have functionality to provide exact word on DLP policy and Exchange Transport rule.

    3 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  DLP & Transport Rules  ·  Flag idea as inappropriate…  ·  Admin →
  13. Right-To-Left in email customization on Office 365 ATP DLP

    Hi Microsoft,
    can you put an option to customize the text to be in RTL

    3 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  DLP & Transport Rules  ·  Flag idea as inappropriate…  ·  Admin →
  14. Transport rule for Alerts

    It would be better if there's a separate transport rule for Alerts.

    3 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  DLP & Transport Rules  ·  Flag idea as inappropriate…  ·  Admin →
  15. enable exclusion for body of email for DLP policies

    We have credit card DLP turned on and need to have the ability to exclude test cards that get sent in the body vs real cards. I need a way to put in an exclusion list for cc numbers that will be in the body of an email that we all out while blocking real cards not on the exclusion list

    3 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  DLP & Transport Rules  ·  Flag idea as inappropriate…  ·  Admin →
  16. In Exchange Online Mail Flow Rules, add an option to check for the total number of attachments on a message.

    A user attaching a large number of files to an email could be an indicator of data leakage, eg. sending sales or contact information to a personal account ahead of leaving an organisation. Allowing mail flow rules to act based on an attachment count could provide a quick and easy form of DLP.

    3 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  DLP & Transport Rules  ·  Flag idea as inappropriate…  ·  Admin →
  17. Loan and CD account numbers

    Please include Loan numbers in the U.S. bank account number definition. Most other types of bank accounts are in there but types of loans (mortgage, HELOC, etc)

    Also, certificate of deposit numbers

    Thanks

    2 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  DLP & Transport Rules  ·  Flag idea as inappropriate…  ·  Admin →
  18. Allow for DLP exclusions to occur at the folder level in SPO rather than just at the Site level

    It would be great to exclude a specific folder from being scanned by DLP rather than having to exclude the entire site from scanning. If you follow a "least privilege" type of model and only exclude what is actually needed, it would be a better safer solution.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  DLP & Transport Rules  ·  Flag idea as inappropriate…  ·  Admin →
  19. "Australia Bank Account Number" Data Loss prevention

    It seems that the "Australia Bank Account Number" type hasn't been fully setup with its relevant keywords
    It might have been copied from other countries such as the US details (usa account) which is not relevant.
    It would be great to have the Australian keywords such as Bank Account Number, Bank Account, Account Number, Savings Account, BSB, and so on added to have a more certain detection rate for its contents.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  DLP & Transport Rules  ·  Flag idea as inappropriate…  ·  Admin →
  20. DLP report

    When we download DLP reports from the DLP portal, it doesn't contain the recipient mail ID in the excel. This limitation makes the existing DLP a weak solution, since Business heads will need the recipient mail ID in excel sheet to decide if the DLP incident is genuine or a false positive.

    The recipient mail ID will be in the incident mail triggered, but not having it in the consolidated report exported makes it of less scalable and of less use.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  DLP & Transport Rules  ·  Flag idea as inappropriate…  ·  Admin →
← Previous 1
  • Don't see your idea?

Feedback and Knowledge Base