Feedback by UserVoice

Office 365 Security & Compliance

We have partnered with UserVoice, a third-party service and your use of the portal and your submission is subject to the UserVoice Terms of Service & Privacy Policy. Please do not send any novel or patentable ideas, copyrighted materials, samples or demos for which you do not want to grant a license to Microsoft.

Welcome to the Security (Protection) & Compliance UserVoice forum. We’re happy you’re here! If you have suggestions or ideas on how to improve Security or Compliance related features in O365, we’d love to hear them!

How it works
◾Check out the ideas others have suggested and vote on your favorites
◾If you have a suggestion that’s not listed yet, submit your own — 25 words or less, please
◾Include one suggestion per post

Thanks for joining our community and helping improve these features in Office 365!

Need Tech Support? Please see the O365 Community for the product or feature you are having issues with, or open a support ticket through your Office 365 administrator portal.

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Highlight words that trigger Supervsion policy

    When reviewing messages that have are pending review for a Supervision policy the words or phrases that triggered the policy should be highlighted.

    Currently when I look at messages I have to read the whole thing or the attachment and try to figure out what triggered the policy which is a major waste of time!

    9 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Compliance Manager  ·  Flag idea as inappropriate…  ·  Admin →
  2. Mailboxes without license should be automatically excluded from Retention Policy hold

    Retention Policy in Data Governance section requires Exchange Online Plan 2 license to be assigned to each mailboxes on hold.

    However ,when user chooses "Exchange mailbox" in "Select Location" section of the Retention Policy, mailboxes without appropriate license (such as resource mailbox, shared mailbox) are
    included without any notification.

    In order to avoid unintended license violation, there should be a function to automatically exclude mailboxes without appropriate license from being on hold by Retention Policy.

    5 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Compliance Manager  ·  Flag idea as inappropriate…  ·  Admin →
  3. Retention policies for Teams/Chats by AD group

    Retention policies for Teams messages and chats should be assignable by AD group instead of having to manually specify each user individually.

    6 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Compliance Manager  ·  Flag idea as inappropriate…  ·  Admin →
  4. Fix Supervision add-in (Supervisory Review v2) for Webmail

    The Supervisory add in within webmail is broken since the latest updates were done. The add-in was a really good feature that allowed compliance admins to perform supervision via webmail in case there are more then one supervision rules. The outlook version doesn't work better then the webmail version as it requires to create a new profile per supervision rule. Doesnt suit in case an organization has many supervision rules. Would really hope if this could be fixed soon.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Compliance Manager  ·  Flag idea as inappropriate…  ·  Admin →
  5. Fix Supervision add-in (Supervisory Review v2) for Webmail

    The Supervisory add in within webmail is broken since the latest updates were done. The add-in was a really good feature that allowed compliance admins to perform supervision via webmail in case there are more then one supervision rules. The outlook version doesn't work better then the webmail version as it requires to create a new profile per supervision rule. Doesnt suit in case an organization has many supervision rules. Would really hope if this could be fixed soon.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Compliance Manager  ·  Flag idea as inappropriate…  ·  Admin →
  6. Office Online Archive - Set exemption for Calendar, Tasks, Flagged item

    Once you enable online archive for user mailbox, all items (mails, tasks, calendar, flagged mails, Notes) in mailbox are getting moved to online archive. Once Task, Calendar or flagged items are moved to Online Archive, it doesn't appear in to do list/bar or User doesn't receive any reminder for such tasks.
    Pl provide a filter while creating Archiving policy to exclude such items. If we can apply such a policy to specific users that would be great.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Compliance Manager  ·  Flag idea as inappropriate…  ·  Admin →
  7. Org-Wide report on Forms

    We would like an Org-Wide report of all the questions asked using Microsoft Forms.
    A mechanism for our Information Compliance Unit to monitor any potential breach questions, which might lead to answers providing 'personal, sensitive or confidential' data.

    Ideally a list of all questions should be produced showing user, form name and the question.

    I see this as a compliance centre report, or Azure function perhaps?

    Many thanks

    3 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Compliance Manager  ·  Flag idea as inappropriate…  ·  Admin →
  8. I want to be able to check the operation history of the message tracking log in the audit log

    I want to be able to check the operation history of the message tracking log in the audit log
    監査ログでメッセージ追跡ログの操作履歴を確認できるようにしたい。

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Compliance Manager  ·  Flag idea as inappropriate…  ·  Admin →
  9. Creation of forwarding/redirect rule

    So last night this rule triggered for the first time, wasn't really aware of it in the first place.

    Severity:● Low

    Time:6/13/2018 10:00:00 PM (UTC)

    Activity:MailRedirect

    User:person@email.com

    Details: MailRedirect. This alert is triggered whenever someone gets access to read your user's email.

    Description: This alert is triggered when someone in your organization creates an email forwarding or redirect inbox rules using Outlook web app or Powershell -V1.0.0.2

    Now to me this is an incredibly frightening message to receive, since this person has access to extremely sensitive financial information. So since I was thinking this person had been compromised, I…

    99 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    15 comments  ·  Compliance Manager  ·  Flag idea as inappropriate…  ·  Admin →
  10. Records management User Group

    A resource to connect with others who have implemented Compliance Center. We could share knowledge and best practices.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Compliance Manager  ·  Flag idea as inappropriate…  ·  Admin →
  11. Retention Label when defined as record don't allow change metadata

    When define a Retention Label as a record don't allow to change metadata (columns) in SharePoint. Now it only not permite change a file, but we can change metadata related to the file in document library.

    3 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Compliance Manager  ·  Flag idea as inappropriate…  ·  Admin →
  12. O365 security compliance alert policy should be added with feature to configure alert when forwarding mail to external domain

    O365 security compliance alert policy should be added with feature to configure alert when forwarding mail to external domain

    3 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Compliance Manager  ·  Flag idea as inappropriate…  ·  Admin →
  13. Retention label rules should also apply to Document Sets in SharePoint

    Currently it's possible to apply a retention label to a Document Set in SharePoint, which means that all documents in it are retained and disposed according to the rules set on the label. But the Document Set are not disposed of, only documents within it. As Document Sets usually have custom metadata (e.g. Personal Identifiable Information) which is subject to data retention regulations, it is necessary for Document Sets to be subject to the label rules as well.

    5 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Compliance Manager  ·  Flag idea as inappropriate…  ·  Admin →
  14. Customization option for the Justification pop-up

    We are using Azure Information Protection Unified labeling in our tenant. We have enabled the feature "User must provide justification to remove a label or lower classification label" under a Label policy. However the requirement is to have a pop up message asking for a simple message like "are you sure to downgrade the label of this email/document?" when a user is downgrading a label and this activity will be reported to DLP team/manager if user said yes rather than pop up to capture Justification with the options "Previous label no longer applies, Previous label was incorrect and others (explain).".…

    3 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Compliance Manager  ·  Flag idea as inappropriate…  ·  Admin →
  15. When using Sharepoint lists, sync'd through OneDrive on Mac, ALL deleted items go into Trash

    When using Sharepoint lists, sync'd through OneDrive on a Mac, ALL deleted items, no matter what the permission level in SharePoint, are sync'd to all user's local Mac Trash bins. This causes potential compliance breaches with users being able to access confidential information. According to MS support this is a 'feature' and cannot be disabled. I suggest that there be an option to disable this.

    7 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Compliance Manager  ·  Flag idea as inappropriate…  ·  Admin →
  16. Would like the ability to not save any converation history in Microsoft Teams. Want to be able to have it delete upon exit.

    Right now we only have the ability to delete conversation history in Teams after 30 days, however we work for an Attorney and we don't want any teams data saved at all. Want the ability to have it auto deleted upon exit. Due to client confidentiality and security reason we can't have that saved or the ability for others to access that data.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Compliance Manager  ·  Flag idea as inappropriate…  ·  Admin →
  17. Archive LinkedIn and other social media

    Now that Archive third-party data has been added to the Data Goveranance\Import location when will LinkedIn be available?

    Interesting that the first two connectors available is for FaceButt and Twitter but not LinkedIn!

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Compliance Manager  ·  Flag idea as inappropriate…  ·  Admin →
  18. Add tooltip

    As Office 365 security and compliance becomes more and more complicated in regards to required licenses, please consider adding tooltip for each setting about license requirement for that specific setting.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Compliance Manager  ·  Flag idea as inappropriate…  ·  Admin →
  19. ContentType

    There are content types Audit.General, Audit.SharePoint, Audit.Exchange, Audit.AzureActiveDirectory and DLP.All but did'nt find content type returning data for "Security And Compliance Centre".So i think this should be added to microsoft doc.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Compliance Manager  ·  Flag idea as inappropriate…  ·  Admin →
  20. メールが有効なセキュリティ グループを電子情報開示管理者のサブグループに追加

    セキュリティ/コンプライアンス センターの PowerShell で Add-RoleGroupMember コマンドレットを使用して、メールが有効なセキュリティ グループを電子情報開示管理者のサブグループのメンバーとして、電子情報開示管理者の役割グループに追加できます。 ただし、メールが有効なセキュリティ グループを電子情報開示管理者のサブグループに追加することはできませんとなっていますが、メールが有効なセキュリティグループも追加できるようにしていただきたいです。

    3 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Compliance Manager  ·  Flag idea as inappropriate…  ·  Admin →
← Previous 1 3 4 5
  • Don't see your idea?

Feedback and Knowledge Base