Feedback by UserVoice

Office 365 Security & Compliance

We have partnered with UserVoice, a third-party service and your use of the portal and your submission is subject to the UserVoice Terms of Service & Privacy Policy. Please do not send any novel or patentable ideas, copyrighted materials, samples or demos for which you do not want to grant a license to Microsoft.

Welcome to the Security (Protection) & Compliance UserVoice forum. We’re happy you’re here! If you have suggestions or ideas on how to improve Security or Compliance related features in O365, we’d love to hear them!

How it works
◾Check out the ideas others have suggested and vote on your favorites
◾If you have a suggestion that’s not listed yet, submit your own — 25 words or less, please
◾Include one suggestion per post

Thanks for joining our community and helping improve these features in Office 365!

Need Tech Support? Please see the O365 Community for the product or feature you are having issues with, or open a support ticket through your Office 365 administrator portal.

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Alerts for when a user logs into another machine (login notifications)

    Add an option for Alert Policies in the Security and Compliance Admin Center for activities like users logging into another machine or devices and administrator activities within the tenant.

    15 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Reports  ·  Flag idea as inappropriate…  ·  Admin →
  2. Need more details in Spam detections report

    You can check the number of Spam IP block or Spam DBEB filter in Spam detections report, but their details are not provided. So, we would like to check their details in the report.

    13 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Reports  ·  Flag idea as inappropriate…  ·  Admin →
  3. Allow export of Detail Data to .csv for All reports in the Security and Compliance Dashboard

    Users with access to view the reports in the Security and Compliance Center should have access to export the detail data to a .CSV. The table of data is already available, but there is no option to export and the formatting on a copy and paste is all but useless.

    This functionality already available for the usage reports in the Office 365 Admin Center, so it does not see like it would be a new build. This is vital for our security team to be able to provide an Executive Summary to our leadership to educate them on the security…

    4 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Reports  ·  Flag idea as inappropriate…  ·  Admin →
  4. S/MIME signature for quarantine notifications

    Quarantine notifications contain links where a user is supposed to click on. These messages are easy to fake. We use S/MIME signatures throughout our organisation and have instructed our users to only trust properly signed messages and double check all unsigned messages and handle attachments and links within mails with extreme caution. An S/MIME signature would make mails from Microsoft much more trustworthy.

    12 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Reports  ·  Flag idea as inappropriate…  ·  Admin →
  5. Email notification with location of IP when user login.

    I want to received user login notification with server IP address and location the same information what I can get query IP address with WHOIS. It will help for detect intruders trying to login from other countries.

    17 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Reports  ·  Flag idea as inappropriate…  ·  Admin →
  6. Secure Score - "Security defaults" in Azure not counted

    When you migrate from Conditional Access to Security Defaults, all security score points are lost.
    That means "security defaults" in Azure isn't counted against the Secure Score board.

    7 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Reports  ·  Flag idea as inappropriate…  ·  Admin →
  7. I would like to see a report/graphics how many email we do get from other countries either by domain or IP or better both.

    I would like to see a report/graphics how many email we do get from other countries either by domain or IP or better both options.

    7 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Reports  ·  Flag idea as inappropriate…  ·  Admin →
  8. Report all attachments scanned by Advanced Threat Protection Safe Attachments

    Currently reporting for Safe Attachments only shows malicious files. This makes it difficult to verify that Safe Attachment scanning is working as intended. It would be beneficial to be able to verify in a report detail regarding all attachments that have been scanned and marked as safe.

    This idea stems from a situation were Advanced Threat Protection was not scanning attachments for a tenant despite being configured to do so. Without checking through message traces or verifying with end users it was not possible to verify if it was working or not. The issue was further complicated as the reporting…

    24 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Reports  ·  Flag idea as inappropriate…  ·  Admin →
  9. DLP articles

    There are only a few articles about DLP policies and reports that Microsoft has. Please create a few more article about the different properties for the DLP reports for different workloads

    8 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Reports  ·  Flag idea as inappropriate…  ·  Admin →
  10. Option to extract the "sent and received email reports"

    Option to extract the "sent and received email report" like we can in many other report types.

    3 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Reports  ·  Flag idea as inappropriate…  ·  Admin →
  11. Get a report for all the items in the report dashboard in SCC

    We receive an email for the Sent and received email report by creating schedule, and this is the only point of entry to know its content and it’s same for other schedule-based data. But admins need to collect all these schedule-based to deliver the report to employees. So, I think it would be great if we can create a report including all the content in the report dashboard in SCC.

    4 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Reports  ·  Flag idea as inappropriate…  ·  Admin →
  12. Defender ATP Columns for machine lists view

    if we can add the columns for most logged in user and last logged in user, this will make the tool even better when we pull a report for looking for a compromised end user quickly.

    6 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Reports  ·  Flag idea as inappropriate…  ·  Admin →
  13. secure score filter by user licence

    Should be able to filter secure score recommendations based on the licence types within the tenant. For example, If the tenant is primarily an Office 365 / EMS E3 User base, you should be able to choose to ignore all Office 365 / EMS E5 User base security recommendations.

    Raised from Tech Community request

    18 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    3 comments  ·  Reports  ·  Flag idea as inappropriate…  ·  Admin →
  14. Request an API to get SCC dashboard reports

    SCC dashboard reports are very useful. We have an API https://docs.microsoft.com/en-us/graph/api/resources/security-api-overview?view=graph-rest-1.0, but it doesn't cover SCC dashboard reports.

    3 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Reports  ·  Flag idea as inappropriate…  ·  Admin →
  15. Alert Excessive User Messages

    It is known with Exchange Online when a user sends excessive emails that their account will be blocked to prevent blacklisting. However there are no reports available for administrators to see this prior to the incident, Need a report option that as admins we can set a criteria on the number of emails sent from a mailbox prior to reaching the quota created by Microsoft. For example, more than 50 emails in 5 minutes, an alert would be triggered sending an email to an administrator.

    9 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Reports  ·  Flag idea as inappropriate…  ·  Admin →
  16. Obtain every data configured in Reports for Download all together

    It would be great if we can export all the data in .csv file when obtaining multiple report data at once from SCC. Admins can receive emails for the submitted report request but it covers only each of the reporting category, and it takes time to check all the data we need.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Reports  ·  Flag idea as inappropriate…  ·  Admin →
  17. Select admin preferred language for the report message sent from SCC

    I would like to select preferred language when sending the report message from Security & Compliance center because currently it can be sent in English only and have to take some time to translate as given the report message to everyone else in the organization. So it would be great if an admin can select the language for the message in advance.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Reports  ·  Flag idea as inappropriate…  ·  Admin →
  18. Secure Score Export

    The Secure Score export option is currently not functional. There is no way to export to Excel or PDF for reporting or to use the data in other tools other than the Graph API.

    3 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Reports  ·  Flag idea as inappropriate…  ·  Admin →
  19. Fix misleading logging of Login Failure

    In some situations a failed login event is classified as User Logged In, and the event detail has a ResultStatus of Succeeded with ResultStatusDetail of Redirected. This is quite confusing and risks failed login events from attackers being filtered out of critical reports. The support folk have advised this is normal behavior, but it looks like poor design to me and should be fixed. The Activity should be recorded as Login Failed or Login in Progress

    6 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Reports  ·  Flag idea as inappropriate…  ·  Admin →
  20. Generate alert when file(s) shared externally

    Hello,
    Would be great to notify tenant admins/compliance admins if in SharePoint or OneDrive, files were shared with external source and use some limits,
    As example, if I'm sharing 100 files with external source, then notify admin about this activity.

    3 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Reports  ·  Flag idea as inappropriate…  ·  Admin →
← Previous 1 3 4 5 6 7
  • Don't see your idea?

Feedback and Knowledge Base