Feedback by UserVoice

Office 365 Security & Compliance

We have partnered with UserVoice, a third-party service and your use of the portal and your submission is subject to the UserVoice Terms of Service & Privacy Policy. Please do not send any novel or patentable ideas, copyrighted materials, samples or demos for which you do not want to grant a license to Microsoft.

Welcome to the Security (Protection) & Compliance UserVoice forum. We’re happy you’re here! If you have suggestions or ideas on how to improve Security or Compliance related features in O365, we’d love to hear them!

How it works
◾Check out the ideas others have suggested and vote on your favorites
◾If you have a suggestion that’s not listed yet, submit your own — 25 words or less, please
◾Include one suggestion per post

Thanks for joining our community and helping improve these features in Office 365!

Need Tech Support? Please see the O365 Community for the product or feature you are having issues with, or open a support ticket through your Office 365 administrator portal.

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Change retention policy functionality for Teams so that it works on teams below 10mb in size

    Change retention policy functionality for Teams so that it works on teams below 10mb in size.

    As of today, any Team has to be at least 10mb in size for any retention policy to work on that particular team. This is because the Managed Folder Assistant will not run for mailboxes below that size limit. I have yet to understand the reasoning behind this limitation??

    For Teams the limitation as described is especially problematic in that the mentioned 10mb size is calculated based solely on the "totalitemsize" property on the team's mailbox. This is a problem, since that value does…

    6 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Compliance Manager  ·  Flag idea as inappropriate…  ·  Admin →
  2. The ability to turn off or disable the quarantine filter.

    I utilize AppRiver to Filter my Mail
    I see no reason that I cannot disable this even through a transport rule.
    We need the ability to turn off this filtering.
    Otherwise, I am maintaining two email filters which are double the effort.

    Please and thank you !

    6 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Compliance Manager  ·  Flag idea as inappropriate…  ·  Admin →
  3. Split O365 labels for Protection from O365 labels for Retention

    Do not integrate Protection settings and Retention settings please.

    Retention policies within my organisation are related to data types (or content types), not related to protection. If you use only SharePoint then retention policies can be implemented using SharePoint content types, however when looking wider then SPOL, you can implement Retention policies using O365 labels. Using the O365 label integration with SPOL library settings was a good start.
    However integrate O365 labels and AIP labels (as I saw at a recent Ignite session) is not a good idea. If you are going to combine Protection and Retention in ONE label…

    5 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Compliance Manager  ·  Flag idea as inappropriate…  ·  Admin →
  4. Retention label rules should also apply to Document Sets in SharePoint

    Currently it's possible to apply a retention label to a Document Set in SharePoint, which means that all documents in it are retained and disposed according to the rules set on the label. But the Document Set are not disposed of, only documents within it. As Document Sets usually have custom metadata (e.g. Personal Identifiable Information) which is subject to data retention regulations, it is necessary for Document Sets to be subject to the label rules as well.

    5 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Compliance Manager  ·  Flag idea as inappropriate…  ·  Admin →
  5. Mailboxes without license should be automatically excluded from Retention Policy hold

    Retention Policy in Data Governance section requires Exchange Online Plan 2 license to be assigned to each mailboxes on hold.

    However ,when user chooses "Exchange mailbox" in "Select Location" section of the Retention Policy, mailboxes without appropriate license (such as resource mailbox, shared mailbox) are
    included without any notification.

    In order to avoid unintended license violation, there should be a function to automatically exclude mailboxes without appropriate license from being on hold by Retention Policy.

    5 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Compliance Manager  ·  Flag idea as inappropriate…  ·  Admin →
  6. To allow DUO MFA with the Attack Simulator in Security and Compliance

    To add DUO MFA as an acceptable MFA option to run the Attack Simulator in Security and Compliance

    4 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Compliance Manager  ·  Flag idea as inappropriate…  ·  Admin →
  7. Enable the Alert Policy to capture the user logon activity

    Audit Log Search -> New Alert Policy
    The option "User Signed in mailbox" doesn't work.

    4 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Compliance Manager  ·  Flag idea as inappropriate…  ·  Admin →
  8. Add retention tags for Notes and Calendar

    Please add the Notes and Calendar from the Exchange Admin Center to new Compliance / Security section

    4 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Compliance Manager  ·  Flag idea as inappropriate…  ·  Admin →
  9. compliance manager

    GDPR - "Statement of Applicability"

    I'd like to see a statement similar to what we are familiar with in ISO27K - addressing which controls are excluded from Annex A.

    With regards to GDPR I'd rather go for which Articles are not covered and why. Otherwise there will be endless discussions for completeness.

    4 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Compliance Manager  ·  Flag idea as inappropriate…  ·  Admin →
  10. Support 'guest users' as collaborators on Cases.

    Support 'guest users' as collaborators on Cases.

    It seems like a defect that guest users are not currently supported as collaborators.

    In a support case I was told: 'As we have discussed it is by design that we can not assign a guest user as e-discovery manager'.

    If this is the case, then the design is flawed: While it is possible to assign a Guest AD User as a collaborator on a Case. It then does not work - they are not granted access. They can login to Security and Compliance center, but unable to view assigned Case.

    Please fix…

    4 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Compliance Manager  ·  Flag idea as inappropriate…  ·  Admin →
  11. Compliance manger needs localisation -- german

    Compliance manger needs localisation -- german and referal to german DSGVO terms

    legally you cannot expect from german non certified lawyers to "translate" e.g. must into have to or shall or maybe etc.
    So I would expect Microsoft to do this and match it against local DSGVO laws incl. German regulations

    4 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Compliance Manager  ·  Flag idea as inappropriate…  ·  Admin →
  12. To have a separate domain whitelist for Sharepoint and Onedrive

    There are situations where Admins will want to restrict Onedrive sharing to within a set of domains while selective sites in Sharepoint to have the ability to share out to more.

    This is current not possible and a compromise has to be made for this compliance requirement.

    4 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Compliance Manager  ·  Flag idea as inappropriate…  ·  Admin →
  13. Additional compliance standards

    Additional compliance controls could be added (ie, ISO20000, CMMI, etc) that can be self managed but could be a hub for all compliance activities. For those of us having to comply with multiple standards it's difficult to split assessments and management across multiple tools.

    4 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Compliance Manager  ·  Flag idea as inappropriate…  ·  Admin →
  14. Enabling MDM to work with Pattern unlock mode on mobile devices.

    Enabling MDM to work with Pattern unlock mode on mobile devices as it does with fingerprint. not sure if it works with facial recognition but that is a thought as well. Improve MDM's security with today's technology.

    4 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Compliance Manager  ·  Flag idea as inappropriate…  ·  Admin →
  15. Retention Label when defined as record don't allow change metadata

    When define a Retention Label as a record don't allow to change metadata (columns) in SharePoint. Now it only not permite change a file, but we can change metadata related to the file in document library.

    3 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Compliance Manager  ·  Flag idea as inappropriate…  ·  Admin →
  16. Allow for the creation of a custom sensitity type with Finger Printing in the security and compliance centre.

    Allow for the easy creation of a custom sensitity type with Finger Printing (like in Exchange Online) in the security and compliance centre. When DLP engines are merged, allow AIP to use "finger printed" sensitivity types as a condition for recommend or auto classification

    3 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Compliance Manager  ·  Flag idea as inappropriate…  ·  Admin →
  17. Show expiry date on documents in OneDrive and all ShrePoint Online Sites from the global retension labels

    Having set up a retention label to delete all documents in users OneDrive's and SharePoint Sites if not modified in last 7 years the users do not get to see a expiration date against all documents.

    The expiry notice does work with Email Retention, it would be good if the same was seen on documents

    3 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Compliance Manager  ·  Flag idea as inappropriate…  ·  Admin →
  18. Limited Search/Only Display objects able to search fo

    I have setup a rolegroup in compliance this group is only able to search mailboxes that have a custom attribute set (compliance filter) we would like 2 things to occur
    1. the users in the rolegroup should only see in the mailbox list the mailboxes they have rights to search.
    2. Once they create a search they should only be able to manage their results and no other ones currently they can see and modify other users searches

    3 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Compliance Manager  ·  Flag idea as inappropriate…  ·  Admin →
  19. Reduce the amount of time needed to view the activity list in an alert

    It takes at least an hour before I can see the data in an activity list of an alert.
    In a redirect/forward creation rule alert, the details in the activity list are very important when you need to ***** the potential security risk. And you want to be able to do it immediately and not to wait an hour for it.

    3 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Compliance Manager  ·  Flag idea as inappropriate…  ·  Admin →
  20. Policy to monitor User Login and actions

    We'd like to create "super admin" that does not have MFA. As a Global Admin, we would like to know when this account is logged into and what it is doing. This account would not be used unless required, but would be a more generic name so access could be assigned to more than one person. I can't see a way to be notified for login access with the policy options today.

    3 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Compliance Manager  ·  Flag idea as inappropriate…  ·  Admin →
  • Don't see your idea?

Feedback and Knowledge Base