Feedback by UserVoice

Office 365 Security & Compliance

We have partnered with UserVoice, a third-party service and your use of the portal and your submission is subject to the UserVoice Terms of Service & Privacy Policy. Please do not send any novel or patentable ideas, copyrighted materials, samples or demos for which you do not want to grant a license to Microsoft.

Welcome to the Security (Protection) & Compliance UserVoice forum. We’re happy you’re here! If you have suggestions or ideas on how to improve Security or Compliance related features in O365, we’d love to hear them!

How it works
◾Check out the ideas others have suggested and vote on your favorites
◾If you have a suggestion that’s not listed yet, submit your own — 25 words or less, please
◾Include one suggestion per post

Thanks for joining our community and helping improve these features in Office 365!

Need Tech Support? Please see the O365 Community for the product or feature you are having issues with, or open a support ticket through your Office 365 administrator portal.

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Allow duration of Retention label to be changed when the retention is based on when the label is applied

    When a retention label duration is based on the date the label is applied, the retention period may not be changed. It can be changed if the Created or last modified is chosen. This is impacting our ability to use the retention policies as they need to be active from the date of application with the capability to change duration in the future.

    100 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
  2. Push DLPRuleMatch INFO when Policy Tip is shown (outlook online)

    When a user gets a policy tip that their email contains sensitive data, they aren't allowed to send the email until they remove the data.
    In this scenario the management api doesnt get notified that this event ever occured and can't tell that a user was blocked from working.

    Would like the send button press to be detected and to send a rulematch event to the management api.

    60 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    2 comments  ·  DLP & Transport Rules  ·  Flag idea as inappropriate…  ·  Admin →
  3. Advanced eDiscovery Locations Limited to 42 per custodian

    Currently, the limit to the number of locations that can be added for a single custodian to an Advanced eDiscovery case is 42, per MS Support. Creating cases is already very cumbersome and having to create more than 1 case because a custodian has more than 42 locations in all of Office 365 is an unreasonable ask. Please remove this limit, or at least allow a much higher number of locations to be added per custodian.

    62 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    3 comments  ·  eDiscovery  ·  Flag idea as inappropriate…  ·  Admin →
  4. Coded redactions in Advanced eDiscovery

    The redaction on the document gets a Code (i.e. where AeD masks with the word “REDACTED”, code would be stamped instead) A given document can have multiple redaction reasons, so each reason has its own code, i.e. multiple redaction labels on the document. Additionally, a log must also accompany the disclosure stating which documents are redacted and the code/reason for the redaction.

    73 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  eDiscovery  ·  Flag idea as inappropriate…  ·  Admin →
  5. Keep search-mailbox

    Microsoft announced its intention to retire legacy eDiscovery tools on 4/1/2020. We would like to see search-mailbox kept in service at least until all functionality has transitioned to other cmdlets. Search-mailbox is great for determining where a message is in a mailbox. It’s also the fastest tool for retrieving a message from a mailbox for analysis. Granting mailbox access or using content search is not as efficient.

    Please help us keep this cmdlet alive!
    https://docs.microsoft.com/en-us/microsoft-365/compliance/legacy-ediscovery-retirement

    118 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    8 comments  ·  Spam & Phishing  ·  Flag idea as inappropriate…  ·  Admin →
  6. Report an issue button on Onedrive not triggering false positive event

    From onedrive or sharepoint on the web. Sensitive data is blocked by dlp policy. I click into the policy tip, I click 'Report an Issue', issue is reported.

    I see no evidence of it in the logs or protection.office dashboards. I checked DLP.All content and sharepoint content, 'DlpInfo' event should be sent to the logs, but I dont see them.

    39 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  DLP & Transport Rules  ·  Flag idea as inappropriate…  ·  Admin →
  7. MCAS: Add management reporting capabilities

    MCAS currently provides an alert dashboard and ability to create incidents. On both topics we are missing reporting capabilities to inform our policy and decision makers. For that pupose I wish to have an audit log to query. Can you please add this capability MCAS?

    Reports to present to my policy and decision makers show the facts that MCAS has great value. And at the same time they show that analist need to spend time to handle incidents..

    e.g. per month: 1) How many incidents are opened / closed 2) How long it took to close an incident 3) How…

    58 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Reports  ·  Flag idea as inappropriate…  ·  Admin →
  8. Allow deletion of "Other Suggestions" entries in Outlook

    The "Other Suggestions" list that pops up when you type an email address in the To: field in Outlook can quickly become cluttered with outdated and inaccurate entries. There is currently no easy way to delete these suggestions.

    Please provide a way to delete these entries one by one as you do with the "Recent People" autocomplete list (Del key or X button on right hand side) as well as a way to clear all entries.

    209 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    4 comments  ·  Flag idea as inappropriate…  ·  Admin →
  9. Allow content with Sensitivity labels using encryption stored in OneDrive to be discovered in eDiscovery searches

    The current tooling for eDiscovery does not allow for content protected with sensitivity labels to be discovered using eDiscovery.

    If MS’s eDiscovery tools cannot even see the documents, organizations would not be able to comply with any litigation hold obligations and discovery collection obligations. All/Most companies would face sanctions if it didn’t comply with preservation obligations and obligations to collect the documents and provide them to the other side as part of the litigation process.

    24 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  eDiscovery  ·  Flag idea as inappropriate…  ·  Admin →
  10. Support Brand Indicators for Message Identification (BIMI) for better brand recognition and user sender awareness

    today EOP/EXO supports Microsoft’s Business Profile Program to show logos for verified sender. Please add support for BIMI as an industry wide standard for displaying logos. Good explanation can be found here. https://office365itpros.com/2018/12/06/email-company-logos-office365/

    86 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  11. Log Audit Log Searches and Exports in Audit Log

    Every global Admin can access the audit log - there is no way to control the usage of the Audit log !
    Audit Log can contain sensible user data and every global Admin can access this information without any documentation.
    So please log every search in Audit Log - who has searched what.

    64 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Auditing  ·  Flag idea as inappropriate…  ·  Admin →
  12. Improve message trace description

    We would like to see more details in the message trace.
    For example It should show us a exact reason why the email is marked as spam or junk. Instead just mentioning marked as spam.

    21 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Message Trace  ·  Flag idea as inappropriate…  ·  Admin →
  13. Insider Risk Management should support Japanese language

    It would be great if Insider Risk Management would support Japanese as well.

    14 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Insider Risk Management  ·  Flag idea as inappropriate…  ·  Admin →
  14. Report Message Add-in for GCC

    Seems pretty odd that the report message add-in doesn't work in government tenants. It is definitely something that should be enabled.

    78 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Spam & Phishing  ·  Flag idea as inappropriate…  ·  Admin →
  15. Quarantine notification emails: please change it back.

    The new Quarantine notification emails are not useful.
    The layout is very inefficient with screen real estate and difficult to read on a computer, and unreadable on a smartphone.
    Also, end users need the ability to release valid emails directly from the Notification message on a smartphone, instead of forcing them to log into the Quarantine web page (which is also unusable on a smartphone).

    80 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    6 comments  ·  Spam & Phishing  ·  Flag idea as inappropriate…  ·  Admin →
  16. Raise limit for specific inclusion / exclusion policies for retention and deletion

    A retention policy for specific inclusions / exclusions can contain no more than 1,000 mailboxes and 100 site collections. A tenant can contain no more than 10,000 retention policies. Our organizational entities are more than the limits, which blocks us from using this feature. See: https://docs.microsoft.com/en-us/microsoft-365/compliance/retention-policies

    72 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
  17. Please add more Phishing Templates for Attack Simulator

    Please add additional Phishing Templates, or create a GitHub repository for the community to collaborate on phishing templates. Other solutions have rich libraries so if Microsoft wants to compete with other phishing simulators, it really needs more choices.

    16 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Spam & Phishing  ·  Flag idea as inappropriate…  ·  Admin →
  18. Enforce Microsoft Authenticator App Lock

    We would like to enforce the 'app lock' setting on the Microsoft Authenticator app to force users to either enter their device passcode or use biometric authentication before opening the app.

    This could be through an Intune app config or a built in setting.

    Currently if an unlocked device was compromised, the attacker would be able to circumvent account MFA security.

    139 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    4 comments  ·  Advanced Security Management  ·  Flag idea as inappropriate…  ·  Admin →
  19. Enable DKIM for Office 365 Home with custom email domain

    The Office 365 Home subscription allows you to use your your own email domain. However, there is no option to enable DKIM and without it, outgoing email often ends up in the recipient's Spam folder, making the custom email domain capability useless.

    Please expose the DKIM setting on the UI for O365 Home subscribers.
    The feature itself is already implemented and available in the Business edition, but requires the Admin panel which does not exist in Office 365 Home.

    https://office365.uservoice.com/forums/273493-office-365-admin/suggestions/38177803-enable-dkim-for-office-365-home-with-custom-email

    77 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Spam & Phishing  ·  Flag idea as inappropriate…  ·  Admin →
  20. To generate statistics report for all emails sent to internal users or sent by external users

    we tried to make query on [security centre]> [report] > [dashboard] > [sent/recieved email item report] to get statistics on how many mail items are sent by external users and how many mail items we are reciving from internal users but we could not make functionable query in order to get the results.
    we would like to have query that acutually works.

    18 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Reports  ·  Flag idea as inappropriate…  ·  Admin →
← Previous 1 3 4 5 106 107
  • Don't see your idea?

Feedback and Knowledge Base