Feedback by UserVoice

Office 365 Security & Compliance

We have partnered with UserVoice, a third-party service and your use of the portal and your submission is subject to the UserVoice Terms of Service & Privacy Policy. Please do not send any novel or patentable ideas, copyrighted materials, samples or demos for which you do not want to grant a license to Microsoft.

Welcome to the Security (Protection) & Compliance UserVoice forum. We’re happy you’re here! If you have suggestions or ideas on how to improve Security or Compliance related features in O365, we’d love to hear them!

How it works
◾Check out the ideas others have suggested and vote on your favorites
◾If you have a suggestion that’s not listed yet, submit your own — 25 words or less, please
◾Include one suggestion per post

Thanks for joining our community and helping improve these features in Office 365!

Need Tech Support? Please see the O365 Community for the product or feature you are having issues with, or open a support ticket through your Office 365 administrator portal.

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. We would like to request improvement in the behavior of Internet explorer 11 where [sensitivity labels] is not displayed.

    We have confirmed that [sensitivity labels] does not appear on IE 11 in multiple environments.
    Therefore, we request that you improve the behavior of not being able to display "sensitivity labels" in IE 11.

    <日本語訳>
    複数環境にて、IE 11 で [秘密度ラベル] が表示されない動作を確認しております。
    そのため、IE 11 で [秘密度ラベル] が表示されない動作の改善を要望します。

    4 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Compliance Manager  ·  Flag idea as inappropriate…  ·  Admin →
  2. Content Search filter export/report results

    So currently the only option to export results from Content Searches is to either view the very limited preview (which currently doesn't expand the Sender: address to a full email address), and I think might have numerical restrictions, or to export full emails.
    We had a business requirement come in that Content Search would've helped us achieve had it had the ability to filter the output emails down to just certain fields.
    The requirement was to go back in time searching across all emails in the organisation to get a large list of only the sender domains.
    Currently the only…

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Compliance Manager  ·  Flag idea as inappropriate…  ·  Admin →
  3. Sensitivity Label settings should be separate for emails and documents

    Settings should be adjusted in the Sensitivity Label policy to have separate settings for emails and for documents. There is currently only one setting to require a label for both documents and emails.

    There should be two separate configurations - one to ask if labels should be required on documents (and what default label should be applied). Another should ask if labels should be required on emails (and what default label should be applied).

    During initial rollout, the first focus is on having users label their files, and pushback will be received when all users have to change the label…

    6 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Compliance Manager  ·  Flag idea as inappropriate…  ·  Admin →
  4. Add CIS Benchmark for O365 & Azure to Compliance Manager Templates

    Please can you add the CIS Benchmark Template for O365 & Azure in the Compliance Manager.

    Thanks!

    5 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Compliance Manager  ·  Flag idea as inappropriate…  ·  Admin →
  5. Increase the New-ComplianceSearchAction job purge limit

    Please Increase the New-ComplianceSearchAction job purge limit from default valu 4 to 10 or more. This really limit our daily Phishing mail deletion ability.

    20 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    2 comments  ·  Compliance Manager  ·  Flag idea as inappropriate…  ·  Admin →
  6. DoD Cybersecurity Maturity Model Certification (CMMC)

    DoD is creating security controls for the Cybersecurity Maturity Model Certification, a certification that all federal contractor companies must obtain in the very near future. It will be nice to have the CMMC compliance requirements added as an assessment template.

    19 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Compliance Manager  ·  Flag idea as inappropriate…  ·  Admin →
  7. over all experience.

    The Security a and compliance “experience” is BAD. To do an ediscovery I need to find a role group ending in “preview”[as per the message displayed on the search page]… that role group does not exist as it is an assignment to an existing role group “Security readers” – and I might add that Azure Ad has a “security readers” role group [not the same one], Exchange has a “Security Readers” not the same one… Security has a “Security readers… not the same one…. Do you see a pattern forming here? Once you see the pattern should be no surprise…

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Compliance Manager  ·  Flag idea as inappropriate…  ·  Admin →
  8. How do you find messages you accidentally "removed from quarantine"?

    I accidentally clicked "remove from quarantine" thinking it was "releasing" and now I can't find the message. Please help?

    2 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Compliance Manager  ·  Flag idea as inappropriate…  ·  Admin →
  9. Improve Accuracy of Default Unusual External User File Activity Alert

    These alerts are supposed to be based on machine learning but MS Support has confirmed they are based on simple threshold settings. Considering acceptable actions like syncing a OneNote site notebook, performing quick edit on library metadata, or bulk dragging/dropping docs into a library, will trigger this alert... then the alert is useless.

    "Unusual" file activity by an external user should include one-time attempts to access system pages such as the permissions page (/_layouts/15/user.aspx)… as well as machine-learning-based adaptive thresholds which adjust to the typical behavior of our invited external users (of whom we have a lot, resulting in tons…

    10 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Compliance Manager  ·  Flag idea as inappropriate…  ·  Admin →
  10. Compliance score actions aren't able to be completed when its an Automatically Monitored action

    We're looking to follow some improvements as guided from the Microsoft Compliance Score. As an example: Improvement actions -- Allow Mailbox Delegation Only When Authorized. I understand the requirement, and have run PowerShell scripts to get data, and I'm satisfied that all the current delegates are Authorised. However, as this is an automated test, there does not appear to be anywhere where I can acknowledge this as complete or acceptable etc? And so the score remains unaccounted for? Is there a way to update this and other Automatically Monitored actions?

    When they are not Automatically Monitored actions, there is an…

    6 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    5 comments  ·  Compliance Manager  ·  Flag idea as inappropriate…  ·  Admin →
  11. .jar file is not allowed to send for one user even when we create a Anti-Malware policy- confirmed by MS technical support over call!!

    Idea is to allow single users to receive.Jar files when we create a separate anti-malware policy.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Compliance Manager  ·  Flag idea as inappropriate…  ·  Admin →
  12. Fix Compliance templates

    NIST Compliance Template is not fully functional. Not al controls are able to switch to implemented or NotInScope.

    3 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Compliance Manager  ·  Flag idea as inappropriate…  ·  Admin →
  13. The Concept of "Event" in M365 'Records Management' is Way Too Convoluted And Error Prone

    We need an easy way to create "events." Just reading through the documentation gives me a headache, and really there is nothing about this flow that simulates a "real-life" event. Why can't we create an event and all the supporting labels, and minutia?

    This is far too complicated and downright strange in my opinion. E.G. "An event is a specific occurrence of a predefined event type. Event types are associated with labels that, when applied to content, classify the content as that specific type. If an actual event occurs, such as a user leaves your organization, you'll create an event…

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Compliance Manager  ·  Flag idea as inappropriate…  ·  Admin →
  14. Why is there no template for Finma

    The FINMA check list is available for download, why can I not simply select and apply a FINMA compliance template for secure score

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Compliance Manager  ·  Flag idea as inappropriate…  ·  Admin →
  15. New Zealand (NZ) Sensitive Information

    Add NZ Sensitive Information to the Sensitive Label template - e.g. Drivers Licence, Passport No, Bank Account No, IRD Number, etc.

    23 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    3 comments  ·  Compliance Manager  ·  Flag idea as inappropriate…  ·  Admin →
  16. Is archiving required in order to turn on deletion in O365 email?

    Can I simply turn on auto deletion without using archiving?

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Compliance Manager  ·  Flag idea as inappropriate…  ·  Admin →
  17. The ability to view records that have been extended in disposition list

    The ability to view records that have been extended in disposition list

    If you add an extension there is no way or the ability to find the extended files or the reason why they were extended

    3 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Compliance Manager  ·  Flag idea as inappropriate…  ·  Admin →
  18. ability to display a user's permissions in office 365 security

    I am trying to find how to search for a user and have all their office 365 security permissions to show up?
    instead of searching each MS365 security permission role group for membership

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Compliance Manager  ·  Flag idea as inappropriate…  ·  Admin →
  19. You broke the compliance button

    The compliance button now shifts to all lowercase security on any screens from the admin screen. Please fix

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Compliance Manager  ·  Flag idea as inappropriate…  ·  Admin →
  20. Export PST to OneDrive or Team Sites

    Export results of Content Search directly to a OneDrive or Team Site instead of having to download to local drive and then push back up. This is necessary due to the bandwidth limitations on large exports.

    2 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Compliance Manager  ·  Flag idea as inappropriate…  ·  Admin →
← Previous 1 3 4 5
  • Don't see your idea?

Feedback and Knowledge Base