Feedback by UserVoice

Office 365 Security & Compliance

We have partnered with UserVoice, a third-party service and your use of the portal and your submission is subject to the UserVoice Terms of Service & Privacy Policy. Please do not send any novel or patentable ideas, copyrighted materials, samples or demos for which you do not want to grant a license to Microsoft.

Welcome to the Security (Protection) & Compliance UserVoice forum. We’re happy you’re here! If you have suggestions or ideas on how to improve Security or Compliance related features in O365, we’d love to hear them!

How it works
◾Check out the ideas others have suggested and vote on your favorites
◾If you have a suggestion that’s not listed yet, submit your own — 25 words or less, please
◾Include one suggestion per post

Thanks for joining our community and helping improve these features in Office 365!

Need Tech Support? Please see the O365 Community for the product or feature you are having issues with, or open a support ticket through your Office 365 administrator portal.

How can we improve compliance or protect your users better in Office 365?

You've used all your votes and won't be able to post a new idea, but you can still search and comment on existing ideas.

There are two ways to get more votes:

  • When an admin closes an idea you've voted on, you'll get your votes back from that idea.
  • You can remove your votes from an open idea you support.
  • To see ideas you have already voted on, select the "My feedback" filter and select "My open ideas".
(thinking…)

Enter your idea and we'll search to see if someone has already suggested it.

If a similar idea already exists, you can support and comment on it.

If it doesn't exist, you can post your idea so others can support it.

Enter your idea and we'll search to see if someone has already suggested it.

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Quarantine "Not yet released to" should be near the top of the page

    The "Not yet released to" field would be better near the top of the page instead of at the bottom so you don't have to scroll down to see who the email is going to be released to.

    1 vote
    Vote
    Sign in
    Check!
    (thinking…)
    Reset
    or sign in with
    • facebook
    • google
      Password icon
      Signed in as (Sign out)
      You have left! (?) (thinking…)
      0 comments  ·  Spam & Phishing  ·  Flag idea as inappropriate…  ·  Admin →
    • Improve ICD-9/10 detection for DLP

      Currently ICD-10 detection will trigger if an email contains the single word "system", with 85% certainty. An exact code and description match will also trigger with 85% certainty.

      An MS support tech explained that ICD-9 and ICD-10 detection was based on a dictionary lookup that includes the codes AND the code descriptions.This makes this detection mostly unusable, as many common words are detected with no way to distinguish from exact code matches.

      An improved system would primarily use a keyword lookup that matches the CODES only, with additional % certainty for nearby words matching the code DESCRIPTIONs.

      Until some kind…

      1 vote
      Vote
      Sign in
      Check!
      (thinking…)
      Reset
      or sign in with
      • facebook
      • google
        Password icon
        Signed in as (Sign out)
        You have left! (?) (thinking…)
        0 comments  ·  DLP & Transport Rules  ·  Flag idea as inappropriate…  ·  Admin →
      • Increase size of character limit on Custom Exchange Rules

        Exchange rules have too small of a character limit. If you have a lot of rules you can easily exceed the total rule character limit of 20k
        It is also easy to exceed the 8192 single rule limit when doing custom matches.

        4 votes
        Vote
        Sign in
        Check!
        (thinking…)
        Reset
        or sign in with
        • facebook
        • google
          Password icon
          Signed in as (Sign out)
          You have left! (?) (thinking…)
          0 comments  ·  Spam & Phishing  ·  Flag idea as inappropriate…  ·  Admin →
        • Block Emails from foreign Country TLD like .mx .ru or whatever you dont need

          Block emails from any country that I do not need email from in a built in rule where I can select all countries. This is to block all phish/spam/and emails. If I need a country I can open up that country.

          4 votes
          Vote
          Sign in
          Check!
          (thinking…)
          Reset
          or sign in with
          • facebook
          • google
            Password icon
            Signed in as (Sign out)
            You have left! (?) (thinking…)
            0 comments  ·  Spam & Phishing  ·  Flag idea as inappropriate…  ·  Admin →
          • to create a "Restricted users" exclusion to make sure a specific mailbox is not added to this automatically.

            to create a "Restricted users" exclusion to make sure a specific mailbox is not added to this automatically.

            1 vote
            Vote
            Sign in
            Check!
            (thinking…)
            Reset
            or sign in with
            • facebook
            • google
              Password icon
              Signed in as (Sign out)
              You have left! (?) (thinking…)
              0 comments  ·  Advanced Security Management  ·  Flag idea as inappropriate…  ·  Admin →
            • Enable auditing on the OOF feature

              Enable auditing on the OOF Feature. We had a case where the Out of Office kept getting turned off on a shared mailbox and there is no auditing capability for this. Please create auditing on the OOF, turning it on and off again and by whom.

              1 vote
              Vote
              Sign in
              Check!
              (thinking…)
              Reset
              or sign in with
              • facebook
              • google
                Password icon
                Signed in as (Sign out)
                You have left! (?) (thinking…)
                0 comments  ·  Auditing  ·  Flag idea as inappropriate…  ·  Admin →
              • 1 vote
                Vote
                Sign in
                Check!
                (thinking…)
                Reset
                or sign in with
                • facebook
                • google
                  Password icon
                  Signed in as (Sign out)
                  You have left! (?) (thinking…)
                  0 comments  ·  Advanced Security Management  ·  Flag idea as inappropriate…  ·  Admin →
                • 3 votes
                  Vote
                  Sign in
                  Check!
                  (thinking…)
                  Reset
                  or sign in with
                  • facebook
                  • google
                    Password icon
                    Signed in as (Sign out)
                    You have left! (?) (thinking…)
                    0 comments  ·  Auditing  ·  Flag idea as inappropriate…  ·  Admin →
                  • ATPを検知したとき、スパムフィルター同様、[件名行の先頭にテキストを追加する] 設定ができるようにしたい

                    ATPを検知した際の動作に [モニター]などに加え、[件名行の先頭にテキストを追加する] をできるようにしたい
                    トランスポートルールにて、ATPにて検知された特定の拡張子のファイルをバイパスする方法ならあるが、検知したATPすべてに対して[件名行の先頭にテキストを追加する] を設定したい

                    1 vote
                    Vote
                    Sign in
                    Check!
                    (thinking…)
                    Reset
                    or sign in with
                    • facebook
                    • google
                      Password icon
                      Signed in as (Sign out)
                      You have left! (?) (thinking…)
                      0 comments  ·  Spam & Phishing  ·  Flag idea as inappropriate…  ·  Admin →
                    • When I detect ATP, I want to be able to set spam [add text to the head of the subject line as well as filter] setting

                      I want to make it possible to add [text to the beginning of the subject line] in addition to [Monitor] etc. when the ATP is detected
                      In a transport rule, there is a method of bypassing a file with a specific extension detected by ATP
                      However, if you want to set [add text to the beginning of the subject line] for all detected ATPs

                      1 vote
                      Vote
                      Sign in
                      Check!
                      (thinking…)
                      Reset
                      or sign in with
                      • facebook
                      • google
                        Password icon
                        Signed in as (Sign out)
                        You have left! (?) (thinking…)
                        0 comments  ·  Spam & Phishing  ·  Flag idea as inappropriate…  ·  Admin →
                      • Your spam filter is terrible and a blight to the tech community. How do I turn it off?

                        Your spam filter is terrible and a blight to the tech community. How do I turn it off?

                        3 votes
                        Vote
                        Sign in
                        Check!
                        (thinking…)
                        Reset
                        or sign in with
                        • facebook
                        • google
                          Password icon
                          Signed in as (Sign out)
                          You have left! (?) (thinking…)
                          0 comments  ·  Flag idea as inappropriate…  ·  Admin →
                        • .

                          .

                          3 votes
                          Vote
                          Sign in
                          Check!
                          (thinking…)
                          Reset
                          or sign in with
                          • facebook
                          • google
                            Password icon
                            Signed in as (Sign out)
                            You have left! (?) (thinking…)
                            0 comments  ·  Auditing  ·  Flag idea as inappropriate…  ·  Admin →
                          • Safelinks not rewriting URLs

                            Hi,

                            Apparently if the sender composes ANY URL without pressing space or Enter after and then sends the Email directly, the recipient would receive the email with URL not rewritten and clickable directly.

                            I assume most spammers know this by now and use this method to bypass the ATP safelinks mechanism.

                            Yesterday we recieved a spam mail with a malicious URL which was not rewritten due it did not contain a href link.

                            I checked this with o365 support and they confirmed explanation above.

                            I realize there is some technical difficulty in solving this matter but this needs to be…

                            1 vote
                            Vote
                            Sign in
                            Check!
                            (thinking…)
                            Reset
                            or sign in with
                            • facebook
                            • google
                              Password icon
                              Signed in as (Sign out)
                              You have left! (?) (thinking…)
                              0 comments  ·  Spam & Phishing  ·  Flag idea as inappropriate…  ·  Admin →
                            • Block email if manager attribute is empty in message approvals

                              message approval action in transport rule will check for empty manager attribute and if manager attribute is empty then will block or reject the message.

                              36 votes
                              Vote
                              Sign in
                              Check!
                              (thinking…)
                              Reset
                              or sign in with
                              • facebook
                              • google
                                Password icon
                                Signed in as (Sign out)
                                You have left! (?) (thinking…)
                              • outbound malware report: dont count NDRs in this report

                                outbound malware report triggers panic.

                                NDRs of malware emails are showing up in the outbound malware report.

                                NDRs probably shouldn't include the virus payload or else such NDRs shouldn't be shown in the outbound malware report.

                                1 vote
                                Vote
                                Sign in
                                Check!
                                (thinking…)
                                Reset
                                or sign in with
                                • facebook
                                • google
                                  Password icon
                                  Signed in as (Sign out)
                                  You have left! (?) (thinking…)
                                  0 comments  ·  Flag idea as inappropriate…  ·  Admin →
                                • Please add to pre-define template alert policies “if suddenly no emails are sent or blocked" per user

                                  Please add to pre-defined anomaly template to alert “if an user sends an average of 40 emails per day and if suddenly no emails are sent or blocked”.

                                  1 vote
                                  Vote
                                  Sign in
                                  Check!
                                  (thinking…)
                                  Reset
                                  or sign in with
                                  • facebook
                                  • google
                                    Password icon
                                    Signed in as (Sign out)
                                    You have left! (?) (thinking…)
                                    0 comments  ·  DLP & Transport Rules  ·  Flag idea as inappropriate…  ·  Admin →
                                  • Multi-cloud support for Microsoft 365 PAM

                                    Support for non-Office 365 and other cloud service providers through privileged access management in Microsoft 365 (e.g. Salesforce, Dynamics, SAP, Service Now etc.)

                                    1 vote
                                    Vote
                                    Sign in
                                    Check!
                                    (thinking…)
                                    Reset
                                    or sign in with
                                    • facebook
                                    • google
                                      Password icon
                                      Signed in as (Sign out)
                                      You have left! (?) (thinking…)
                                      0 comments  ·  Flag idea as inappropriate…  ·  Admin →
                                    • DLP for teams

                                      Extend DLP to teams. Mentioned at ignite as "stay tuned" but not showing in o365 roadmap. Can prevent or alert on sensitive information types from being shared via teams chat.
                                      https://techcommunity.microsoft.com/t5/Microsoft-Teams-Blog/What-s-new-in-Teams-Microsoft-Ignite-Edition/ba-p/252531

                                      1 vote
                                      Vote
                                      Sign in
                                      Check!
                                      (thinking…)
                                      Reset
                                      or sign in with
                                      • facebook
                                      • google
                                        Password icon
                                        Signed in as (Sign out)
                                        You have left! (?) (thinking…)
                                        0 comments  ·  Flag idea as inappropriate…  ·  Admin →
                                      • O365 mailboxes audit log is missing alot of essential data

                                        O365 audit log is only showing the real IP from which a certain mailbox was accessed, this is not helpful and not enough at all, as usually users are accessing internet via PAT real IPs, so it is totally misleading whenever there is any need for a sure piece of information, so at least we need to know the virtual IP, Machine name and the mac address from which any mailbox was being accessed, as real IPs are telling nothing.

                                        1 vote
                                        Vote
                                        Sign in
                                        Check!
                                        (thinking…)
                                        Reset
                                        or sign in with
                                        • facebook
                                        • google
                                          Password icon
                                          Signed in as (Sign out)
                                          You have left! (?) (thinking…)
                                          0 comments  ·  Auditing  ·  Flag idea as inappropriate…  ·  Admin →
                                        • Some widget are displayed in duplicate

                                          When I customizing widgets(Add widget -> Save) in the Office 365 Security and Compliance Home(https://protection.office.com/#/homepage), some widget are displayed in duplicate.
                                          (ex. We're committed to helping on your GDPR journey)

                                          3 votes
                                          Vote
                                          Sign in
                                          Check!
                                          (thinking…)
                                          Reset
                                          or sign in with
                                          • facebook
                                          • google
                                            Password icon
                                            Signed in as (Sign out)
                                            You have left! (?) (thinking…)
                                            0 comments  ·  Service Trust Portal  ·  Flag idea as inappropriate…  ·  Admin →
                                          ← Previous 1 3 4 5 75 76
                                          • Don't see your idea?

                                          Feedback and Knowledge Base