Feedback by UserVoice

Office 365 Security & Compliance

We have partnered with UserVoice, a third-party service and your use of the portal and your submission is subject to the UserVoice Terms of Service & Privacy Policy. Please do not send any novel or patentable ideas, copyrighted materials, samples or demos for which you do not want to grant a license to Microsoft.

Welcome to the Security (Protection) & Compliance UserVoice forum. We’re happy you’re here! If you have suggestions or ideas on how to improve Security or Compliance related features in O365, we’d love to hear them!

How it works
◾Check out the ideas others have suggested and vote on your favorites
◾If you have a suggestion that’s not listed yet, submit your own — 25 words or less, please
◾Include one suggestion per post

Thanks for joining our community and helping improve these features in Office 365!

Need Tech Support? Please see the O365 Community for the product or feature you are having issues with, or open a support ticket through your Office 365 administrator portal.

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Improve the flexibility of sensitive labels content markings

    We would like to have more formatting option when adding a header text like a left-aligned 10-inch margin.

    145 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Information Protection  ·  Flag idea as inappropriate…  ·  Admin →
  2. Allow attack simulator to record results on non Azure joined devices

    We are trying to run the attack simulator in a hybrid environment but noticed it only records the results of users who opened an attachment if their device is joined to Azure. We currently have our iPhones joined so that test works but since our laptops/desktops are not joined to Azure we are unable to see the results. This is also an issue when using OWA.

    148 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    2 comments  ·  Spam & Phishing  ·  Flag idea as inappropriate…  ·  Admin →
  3. Allow duration of Retention label to be changed when the retention is based on when the label is applied

    When a retention label duration is based on the date the label is applied, the retention period may not be changed. It can be changed if the Created or last modified is chosen. This is impacting our ability to use the retention policies as they need to be active from the date of application with the capability to change duration in the future.

    103 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
  4. Get-MailDetailATPReport - Increase result limit

    The result limit of 10,000 is way to low for a large organization, this needs to be increased to a realistic limit of 1,000,000

    https://docs.microsoft.com/en-us/powershell/module/exchange/get-maildetailatpreport?view=exchange-ps

    38 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Reports  ·  Flag idea as inappropriate…  ·  Admin →
  5. Support bundling large numbers of keywords as part of and/or conditions inside sensitive info types

    Sensitive Info types used by CC, should offer more flexibility so that we can bundle all phrases associated with a certain behavior in one SI type. For example a collusion SI type might have several hundred combinations like the phrase "Keep this" with supporting phrase "between us" OR "Won't" with supporting phrase "tell anyone", etc. etc. etc. Currently SI types only let you use one primary phrase or set of phrases in combination with one or more supporting phrases. The alternative for us is to create thousands of SI types and you can only add 20 per CC policy.

    42 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Communication Compliance  ·  Flag idea as inappropriate…  ·  Admin →
  6. Increase or release the limit for the policy with specific inclusions or exclusions

    I would request you to increase or release the limit on the number of mailboxes for the retention policy with specific inclusions or exclusions. When we create a policy with specific inclusions or exclusions for the retention policy in SCC, we can apply the policy up to 1,000 mailboxes. However, this limit would be a big burden for enterprises in terms of the tenant management as they have a huge number of users.
    Referenced the article below, https://docs.microsoft.com/en-us/microsoft-365/compliance/retention-policies?view=o365-worldwide#a-policy-with-specific-inclusions-or-exclusions

    88 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    4 comments  ·  Advanced Security Management  ·  Flag idea as inappropriate…  ·  Admin →
  7. DLP Template for POPI Act - South Africa

    Develop a DLP Template for compliance with POPIA (Protection Of Personal Information Act)

    35 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  DLP & Transport Rules  ·  Flag idea as inappropriate…  ·  Admin →
  8. Push DLPRuleMatch INFO when Policy Tip is shown (outlook online)

    When a user gets a policy tip that their email contains sensitive data, they aren't allowed to send the email until they remove the data.
    In this scenario the management api doesnt get notified that this event ever occured and can't tell that a user was blocked from working.

    Would like the send button press to be detected and to send a rulematch event to the management api.

    64 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    2 comments  ·  DLP & Transport Rules  ·  Flag idea as inappropriate…  ·  Admin →
  9. Automatically remove deleted auto-applied labels from documents

    Auto-applied retention label, and the policy, was deleted, but the label is not going away for the records that were auto-tagged by this policy.

    For example, we created a new label, assigned a policy that would auto-apply the label based on keywords in the documents of the library. Then we deleted the policy and the label, but the document's retention label didn't disappear. We have waited 7+ days just to be safe, but the label on the record is still there. Is this the intended design? (We opened a ticket with Microsoft and they've confirmed this is the case -…

    32 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
  10. Advanced eDiscovery Locations Limited to 42 per custodian

    Currently, the limit to the number of locations that can be added for a single custodian to an Advanced eDiscovery case is 42, per MS Support. Creating cases is already very cumbersome and having to create more than 1 case because a custodian has more than 42 locations in all of Office 365 is an unreasonable ask. Please remove this limit, or at least allow a much higher number of locations to be added per custodian.

    62 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    3 comments  ·  eDiscovery  ·  Flag idea as inappropriate…  ·  Admin →
  11. Coauthor on desktop/mobile apps for labelled document.

    Its great function for SPO and sensitive label integration.

    But Co-authoring is not supported, so we hope it will improve for a good user experience.

    > Office desktop apps and mobile apps don't support coauthoring for files that are labeled with encryption. These apps continue to open labeled and encrypted files in exclusive editing mode.

    31 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
  12. Keep search-mailbox

    Microsoft announced its intention to retire legacy eDiscovery tools on 4/1/2020. We would like to see search-mailbox kept in service at least until all functionality has transitioned to other cmdlets. Search-mailbox is great for determining where a message is in a mailbox. It’s also the fastest tool for retrieving a message from a mailbox for analysis. Granting mailbox access or using content search is not as efficient.

    Please help us keep this cmdlet alive!
    https://docs.microsoft.com/en-us/microsoft-365/compliance/legacy-ediscovery-retirement

    124 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    9 comments  ·  Spam & Phishing  ·  Flag idea as inappropriate…  ·  Admin →
  13. Coded redactions in Advanced eDiscovery

    The redaction on the document gets a Code (i.e. where AeD masks with the word “REDACTED”, code would be stamped instead) A given document can have multiple redaction reasons, so each reason has its own code, i.e. multiple redaction labels on the document. Additionally, a log must also accompany the disclosure stating which documents are redacted and the code/reason for the redaction.

    73 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  eDiscovery  ·  Flag idea as inappropriate…  ·  Admin →
  14. Ability to view the data that triggered the DLP rule(s) inside the alerts in Security and Compliance center

    Ability to view the data that triggered the DLP rule(s) inside the alerts in Security and Compliance center

    When you create an alert policy for any DLP rules that are triggered, the alert itself does not show what original data triggered the alert.

    It would be nice to have a hyperlink to the offending email/file(s) instead on having to rely on alternative means to find the data.

    32 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  DLP & Transport Rules  ·  Flag idea as inappropriate…  ·  Admin →
  15. Intelligent External Email Tagging

    Currently the system blindly applies an “[External]” tag to an email subject and a notification in the message body. If the email is forwarded or replied to only internal email addresses, the message is again tagged as external, repetitively causing tagged to be applied, resulting a perpetual situation like this with the subject:
     
    [External] RE: [External] RE: [External] Message Subject

    This is for a message that was originally from an external source that got replied to internally multiple times. At this point it is an internal email, but an "[External]" tag is incorrectly applied. The best way to defeat…

    13 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  DLP & Transport Rules  ·  Flag idea as inappropriate…  ·  Admin →
  16. MCAS: Add management reporting capabilities

    MCAS currently provides an alert dashboard and ability to create incidents. On both topics we are missing reporting capabilities to inform our policy and decision makers. For that pupose I wish to have an audit log to query. Can you please add this capability MCAS?

    Reports to present to my policy and decision makers show the facts that MCAS has great value. And at the same time they show that analist need to spend time to handle incidents..

    e.g. per month: 1) How many incidents are opened / closed 2) How long it took to close an incident 3) How…

    58 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Reports  ·  Flag idea as inappropriate…  ·  Admin →
  17. Output the content search results in TXT format.

    I would like you to add a function so that you can retrieve data in TXT format instead of PST format when exporting content search results.

    コンテンツ検索の結果をエクスポートする際に、PST 形式ではなくテキスト形式でもデータを取得できるように機能を追加してほしい。

    17 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  eDiscovery  ·  Flag idea as inappropriate…  ·  Admin →
  18. Option to create sensitivity lable to encrypt mail but allow forward / print

    We use "confidential" lable to encrypt mails especially send between top level management containing sensitive data, even the assistant with access to management mailbox should not know.
    Sometimes this information need to be forwarded to another manager or to the assistant (eg. coordinate meeting). Currently this is not possible.
    We need the option to implement a "protected" lable which provide encryption, only the recipient can decrypt but recipient can forward / print content.

    19 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
  19. Report an issue button on Onedrive not triggering false positive event

    From onedrive or sharepoint on the web. Sensitive data is blocked by dlp policy. I click into the policy tip, I click 'Report an Issue', issue is reported.

    I see no evidence of it in the logs or protection.office dashboards. I checked DLP.All content and sharepoint content, 'DlpInfo' event should be sent to the logs, but I dont see them.

    39 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  DLP & Transport Rules  ·  Flag idea as inappropriate…  ·  Admin →
  20. Please add more Phishing Templates for Attack Simulator

    Please add additional Phishing Templates, or create a GitHub repository for the community to collaborate on phishing templates. Other solutions have rich libraries so if Microsoft wants to compete with other phishing simulators, it really needs more choices.

    37 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Spam & Phishing  ·  Flag idea as inappropriate…  ·  Admin →
← Previous 1 3 4 5 113 114
  • Don't see your idea?

Feedback and Knowledge Base