Feedback by UserVoice

Office 365 Security & Compliance

We have partnered with UserVoice, a third-party service and your use of the portal and your submission is subject to the UserVoice Terms of Service & Privacy Policy. Please do not send any novel or patentable ideas, copyrighted materials, samples or demos for which you do not want to grant a license to Microsoft.

Welcome to the Security (Protection) & Compliance UserVoice forum. We’re happy you’re here! If you have suggestions or ideas on how to improve Security or Compliance related features in O365, we’d love to hear them!

How it works
◾Check out the ideas others have suggested and vote on your favorites
◾If you have a suggestion that’s not listed yet, submit your own — 25 words or less, please
◾Include one suggestion per post

Thanks for joining our community and helping improve these features in Office 365!

Need Tech Support? Please see the O365 Community for the product or feature you are having issues with, or open a support ticket through your Office 365 administrator portal.

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Keep search-mailbox

    Microsoft announced its intention to retire legacy eDiscovery tools on 4/1/2020. We would like to see search-mailbox kept in service at least until all functionality has transitioned to other cmdlets. Search-mailbox is great for determining where a message is in a mailbox. It’s also the fastest tool for retrieving a message from a mailbox for analysis. Granting mailbox access or using content search is not as efficient.

    Please help us keep this cmdlet alive!
    https://docs.microsoft.com/en-us/microsoft-365/compliance/legacy-ediscovery-retirement

    74 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    5 comments  ·  Spam & Phishing  ·  Flag idea as inappropriate…  ·  Admin →
  2. Allow deletion of "Other Suggestions" entries in Outlook

    The "Other Suggestions" list that pops up when you type an email address in the To: field in Outlook can quickly become cluttered with outdated and inaccurate entries. There is currently no easy way to delete these suggestions.

    Please provide a way to delete these entries one by one as you do with the "Recent People" autocomplete list (Del key or X button on right hand side) as well as a way to clear all entries.

    148 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    3 comments  ·  Flag idea as inappropriate…  ·  Admin →
  3. Log Audit Log Searches and Exports in Audit Log

    Every global Admin can access the audit log - there is no way to control the usage of the Audit log !
    Audit Log can contain sensible user data and every global Admin can access this information without any documentation.
    So please log every search in Audit Log - who has searched what.

    63 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Auditing  ·  Flag idea as inappropriate…  ·  Admin →
  4. Quarantine notification emails: please change it back.

    The new Quarantine notification emails are not useful.
    The layout is very inefficient with screen real estate and difficult to read on a computer, and unreadable on a smartphone.
    Also, end users need the ability to release valid emails directly from the Notification message on a smartphone, instead of forcing them to log into the Quarantine web page (which is also unusable on a smartphone).

    74 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    6 comments  ·  Spam & Phishing  ·  Flag idea as inappropriate…  ·  Admin →
  5. Raise limit for specific inclusion / exclusion policies for retention and deletion

    A retention policy for specific inclusions / exclusions can contain no more than 1,000 mailboxes and 100 site collections. A tenant can contain no more than 10,000 retention policies. Our organizational entities are more than the limits, which blocks us from using this feature. See: https://docs.microsoft.com/en-us/microsoft-365/compliance/retention-policies

    56 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
  6. Record retention label - Disable "Record Status" toggling feature

    Based on Microsoft new feature release in Jan 2020, it allows user to toggle "Record status" to lock / unlock for a documents that are being applied with record retention labels. This feature is undesirable whereby it allows users with "members" rights to unlock and modify a record. We wish to have more control in terms of record handling and wish to disable this feature. Is there a way to hide this option from users and only allow site collection administrator to do so?

    26 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
  7. Allow end users to release, delete, report via End User Spam Notification

    Recently, End User Spam Notification was modified and now end users are unable to "Release", "Block" quarantined spam emails from End User Spam Notification mail.

    I understand that end users must navigate to Security Compliance Center to do so, but I would like to do so from End User Spam Notification mail, so I want an option to bring back the old style End User Spam Notification.

    61 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    2 comments  ·  Spam & Phishing  ·  Flag idea as inappropriate…  ·  Admin →
  8. Support Brand Indicators for Message Identification (BIMI) for better brand recognition and user sender awareness

    today EOP/EXO supports Microsoft’s Business Profile Program to show logos for verified sender. Please add support for BIMI as an industry wide standard for displaying logos. Good explanation can be found here. https://office365itpros.com/2018/12/06/email-company-logos-office365/

    44 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  9. Spam Notification - Show actual sender email address

    current Spam Notification email to users is showing incorrect (spoof email display) sender email address. request to have the actual sender email address be use in the Spam Notification email to user so user can make informed decision.

    56 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Spam & Phishing  ·  Flag idea as inappropriate…  ·  Admin →
  10. Enable DKIM for Office 365 Home with custom email domain

    The Office 365 Home subscription allows you to use your your own email domain. However, there is no option to enable DKIM and without it, outgoing email often ends up in the recipient's Spam folder, making the custom email domain capability useless.

    Please expose the DKIM setting on the UI for O365 Home subscribers.
    The feature itself is already implemented and available in the Business edition, but requires the Admin panel which does not exist in Office 365 Home.

    https://office365.uservoice.com/forums/273493-office-365-admin/suggestions/38177803-enable-dkim-for-office-365-home-with-custom-email

    50 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Spam & Phishing  ·  Flag idea as inappropriate…  ·  Admin →
  11. Enforce Microsoft Authenticator App Lock

    We would like to enforce the 'app lock' setting on the Microsoft Authenticator app to force users to either enter their device passcode or use biometric authentication before opening the app.

    This could be through an Intune app config or a built in setting.

    Currently if an unlocked device was compromised, the attacker would be able to circumvent account MFA security.

    90 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    2 comments  ·  Advanced Security Management  ·  Flag idea as inappropriate…  ·  Admin →
  12. backup archive export audit logs and message trace

    as MS365 have a limitation of storing 90 days of information. we need a way to backup / archive / export these information for legal or investigation requirements.

    59 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Auditing  ·  Flag idea as inappropriate…  ·  Admin →
  13. Attack Simulator: Phishing Login server URL detected by common browsers (Chrome, Internet Explorer, Edge) as "Deceptive" or "Unsafe"

    When clicking on the link produced by the Spear Phishing attack simulator in https://protection.office.com/attacksimulator (Phishing Login server URL), common browsers like Chrome, Edge, or Internet Explorer detects the site as "Deceptive" or "Unsafe". This results to a failed simulation as no user will attempt to click on "visit this unsafe site". Even if the users click on the link, that of which is recorded, the test will always have a 0% Success Rate.

    Is there anyway that Microsoft can coordinate with the common browsers to "whitelist" all their Phishing Login server URLs?

    132 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    4 comments  ·  Flag idea as inappropriate…  ·  Admin →

    The core cred harvesting URLs in attack simulator are allow-listed in SmartScreen (the technology used in Explorer and Edge), so they shouldn’t be blocked with those browsers. Chrome is usually the biggest problem, and Microsoft has been unsuccessful in convincing Google that they should include our phish training URLs in their default allow-lists. Instructions on how to deploy a client policy that allow-lists the cred harvesting URLs for Chrome can be found here:
    https://support.google.com/chrome/a/answer/7532419?hl=en

    At the moment, the following URLs are included in the M365 Attack Simulator:
    http://portal.docdeliveryapp.com
    http://portal.docdeliveryapp.net
    http://portal.docstoreinternal.com
    http://portal.docstoreinternal.net
    http://portal.hardwarecheck.net
    http://portal.hrsupportint.com
    http://portal.payrolltooling.com
    http://portal.payrolltooling.net
    http://portal.prizegiveaway.net
    http://portal.prizesforall.com
    http://portal.salarytoolint.com
    http://portal.salarytoolint.net

  14. Alerts for when a user logs into another machine (login notifications)

    Add an option for Alert Policies in the Security and Compliance Admin Center for activities like users logging into another machine or devices and administrator activities within the tenant.

    15 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Reports  ·  Flag idea as inappropriate…  ·  Admin →
  15. Show the error code and the e-mail address for recipient_status in the inclusive report of message trace

    If recipientstatus in the inclusive report of message trace has huge amount of content, the undelivered e-mail address get coded, and we cannot identify them. So, I would like you to show the undelivered e-mail address correctly in the inclusive report of message trace. Additionally, the error code in recipientstatus also gets coded. I want to see the error code as well.

    16 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Message Trace  ·  Flag idea as inappropriate…  ·  Admin →
  16. Allow powershell scripting in Advanced eDiscovery

    I have scripted out the entire eDiscovery process in E3 eDiscovery which allowed us to save time and money, and repeat searches with minor variations very easily. With Advanced eDiscovery, I am unable to do so. Please add powershell scripting support (or provide the documentation) so we can streamline our collection and export processes.

    159 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    working on it  ·  1 comment  ·  eDiscovery  ·  Flag idea as inappropriate…  ·  Admin →
  17. Microsoft Authenticator needs to display the machine / device name, application and location

    When Microsoft Authenticator pops up on your phone there is no indication of what device is requesting the authentication. It would be much better if the machine or device name, application and location was shown so that you know you are verifying a request that you have made

    54 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Advanced Security Management  ·  Flag idea as inappropriate…  ·  Admin →
  18. Compliance score actions aren't able to be completed when its an Automatically Monitored action

    We're looking to follow some improvements as guided from the Microsoft Compliance Score. As an example: Improvement actions -- Allow Mailbox Delegation Only When Authorized. I understand the requirement, and have run PowerShell scripts to get data, and I'm satisfied that all the current delegates are Authorised. However, as this is an automated test, there does not appear to be anywhere where I can acknowledge this as complete or acceptable etc? And so the score remains unaccounted for? Is there a way to update this and other Automatically Monitored actions?

    When they are not Automatically Monitored actions, there is an…

    6 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    5 comments  ·  Compliance Manager  ·  Flag idea as inappropriate…  ·  Admin →
  19. Advanced Threat Protection Whitelist 2019

    ATP needs a way to whitelist inbound email (IP or domain) from being quarantined as malware. Back in 2016 this issue was resolved by adding exchange mail flow rules to add headers. However, this method no longer works, and Microsoft support (ticket 12611412) confirms that ATP filters before mail rules are applied, and there is no way to whitelist inbound IP's to bypass ATP malware filtering. The only options in the settings is based on recipient. In my case, I want to whitelist to allow a Security Awareness Training provider to send test emails to our users. ATP is incorrectly…

    266 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    21 comments  ·  Malware  ·  Flag idea as inappropriate…  ·  Admin →
  20. Extend Information Barriers to SharePoint Online and OneDrive for Business

    Currently, Information Barriers is only available in MS Teams to allow the creation of policies preventing certain regulated or sensitive groups from interacting in MS Teams with other groups.

    This is a very useful solution in companies with a mix of heavily regulated and not so heavily regulated users. Outside of Teams' chats and conversations, companies with regulated document collaboration requirements have little options available. Some of which include deploying separate O365 instances just to be able to segregate all collaboration between sensitive users. As a consequence, this adds unnecessary Azure AD tenant and O365 management complexities which could potentially…

    27 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Advanced Security Management  ·  Flag idea as inappropriate…  ·  Admin →
← Previous 1 3 4 5 97 98
  • Don't see your idea?

Feedback and Knowledge Base