Feedback by UserVoice

Office 365 Security & Compliance

We have partnered with UserVoice, a third-party service and your use of the portal and your submission is subject to the UserVoice Terms of Service & Privacy Policy. Please do not send any novel or patentable ideas, copyrighted materials, samples or demos for which you do not want to grant a license to Microsoft.

Welcome to the Security (Protection) & Compliance UserVoice forum. We’re happy you’re here! If you have suggestions or ideas on how to improve Security or Compliance related features in O365, we’d love to hear them!

How it works
◾Check out the ideas others have suggested and vote on your favorites
◾If you have a suggestion that’s not listed yet, submit your own — 25 words or less, please
◾Include one suggestion per post

Thanks for joining our community and helping improve these features in Office 365!

Need Tech Support? Please see the O365 Community for the product or feature you are having issues with, or open a support ticket through your Office 365 administrator portal.

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Export Full Urls from Threat Management > Explorer

    In Microsoft Security and Compliance > Threat Explorer, it allows you to export emails that you searched for based on different criteria. In the exports, it doesn't give you a list of the urls contained in each email. I would like to see this functionality.

    It's helpful because sometimes a phishing campaign uses several different urls and currently there isn't an easy way to determine them without a lot of manual work.

    Thanks,

    18 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Message Trace  ·  Flag idea as inappropriate…  ·  Admin →
  2. Improve International Spam Filtering

    In our troubleshooting with MS to reduce flood of approx.11,500 spam / unsolicited email messages for a particular user, we've implemented International Spam filtering (regional filter). This setting checks to see if the IP address sending the emails are from a specified region.

    We recommend this setting also include blocking the top level domains (TLDs), or at least that verbiage that this is a geolocation type of technology (IP address, etc.) be added (i.e., tool tips, support documentation, etc.).

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Spam & Phishing  ·  Flag idea as inappropriate…  ·  Admin →
  3. Provide than ability to purge more than 10 items at a time.

    I need to purge over 10000 items for PCI compliance and do not want to have to run the purge 100's of times to accomplish this.

    Thanks,

    Scott

    3 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Compliance Manager  ·  Flag idea as inappropriate…  ·  Admin →
  4. Increase the number of allowed blocked IP ranges in Azure AD

    Whenever my company receives a phishing email or an account is compromised, we ban every IP that the hosting company they used owns. Over time this has cut down on the number of compromised accounts as the malicious links couldn't be loaded when clicked on.

    We recently hit a hard cap on the number of allowed blocked IP ranges. We would like for the cap to be removed or increased as there are still plenty of sketchy hosting companies that we have not blocked the IP ranges of yet.

    This is a major security concern for us and could potentially…

    3 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  5. 1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  6. OME and AIP Encrypted documents should be decrypted at export with Microsoft eDiscovery

    OME and AIP Encrypted documents stored in O365 data sources should be decrypted at export with Microsoft eDiscovery for compliance purposes

    12 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    2 comments  ·  eDiscovery  ·  Flag idea as inappropriate…  ·  Admin →
  7. ediscovery

    Please add ability to search and Tag documents and then use those tags in the Content Search/eDiscovery. For example, run search and tag all documents that are responsive to this search with some sort of tag.
    So when next time when running a new search, those documents can be searched or excluded from results by specifying the specific tag.

    3 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  eDiscovery  ·  Flag idea as inappropriate…  ·  Admin →
  8. Message trace shows spoofed mail as legitimate

    Please can you enhance the Message trace, spoofed mail will fool your system and show as an internal mail when this is not the case. This leads to incorrect troubleshooting.

    Thanks Bill.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Message Trace  ·  Flag idea as inappropriate…  ·  Admin →
  9. User receives an additional attachment in the email using MAC default mail app

    User receives an additional attachment (ATPFile_CE6EEE48-3663-4393-AEBB-9A55F7C1723F.token) in the email using MAC default mail app, when ATP scans the original attachment as Safe Attachment policy. Can we get an option where ATP is also compatible on default mail app for MAC and works properly as it works on Outlook for Windows and Mac?

    3 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Spam & Phishing  ·  Flag idea as inappropriate…  ·  Admin →
  10. Teardown

    To start new

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Service Trust Portal  ·  Flag idea as inappropriate…  ·  Admin →
  11. Add more data to safe links malicious url click

    With the arrival of AIR to Security and Compliance we have noticed that there is no correlating data for when a user clicks on a Malicious URL. For example, if someone were to run a Safe Link through VirusTotal or urlscan without first sanitizing through o365atp it would count as a click for the user. If we were able to see IP address etc. at time of click it would be more helpful in determining exposure vs. false positive.

    0 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Spam & Phishing  ·  Flag idea as inappropriate…  ·  Admin →
  12. Email notification with location of IP when user login.

    I want to received user login notification with server IP address and location the same information what I can get query IP address with WHOIS. It will help for detect intruders trying to login from other countries.

    16 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Reports  ·  Flag idea as inappropriate…  ·  Admin →
  13. Attack Simulator - Should use stored users personal information from their accounts, like birthdate, address, phone ETC for accuracy

    Attack Simulator - Should use stored users personal information from their accounts, like birthdate, address, phone ETC for accuracy trying to get their passwords

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Advanced Security Management  ·  Flag idea as inappropriate…  ·  Admin →
  14. Allow search for all activity by IP

    I would like to search the entire activity log by a specific IP address.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Auditing  ·  Flag idea as inappropriate…  ·  Admin →
  15. Allow search for all activity by IP

    I would like to search the entire activity log by a specific IP address.

    0 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Auditing  ·  Flag idea as inappropriate…  ·  Admin →
  16. Secure Score - MFA enabled through Admin Portal is not counted

    MFA Secure Score is only counted when MFA is enable in Azure

    21 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Advanced Security Management  ·  Flag idea as inappropriate…  ·  Admin →
  17. Security score

    In Microsoft 365 security there is a Secure Score with three subcategories Overview, Improvement actions, and History. Under there is a note saying - Actions you can take to improve your Microsoft Secure Score. Score updates may take up to 24 hours.​ But after talking with Microsoft Office 365 support I got an answer that this technology is pretty new and actually secure score updates up to 72 hours., So what if you change this 24 hours to 72 hours, so other people who are looking on the history don't get confused why secure score is not updating. What if…

    3 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Reports  ·  Flag idea as inappropriate…  ·  Admin →
  18. Allow SharePoint Subsites be be Excluded from Retention Policy

    Enable the Ability to Exclude Subsites from Retention Policies to allow for easier deletion and management of sites

    3 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Compliance Manager  ·  Flag idea as inappropriate…  ·  Admin →
  19. Entries corrupted when exporting audit logs from SCC when you selected Save loaded results

    I would like you to improve the audit logs which exported from SCC by selecting Save loaded results to show data appropriately, because it shows its entries corrupted.

    4 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Auditing  ·  Flag idea as inappropriate…  ·  Admin →
  20. New Zealand (NZ) Sensitive Information

    Add NZ Sensitive Information to the Sensitive Label template - e.g. Drivers Licence, Passport No, Bank Account No, IRD Number, etc.

    3 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Compliance Manager  ·  Flag idea as inappropriate…  ·  Admin →
← Previous 1 3 4 5 100 101
  • Don't see your idea?

Feedback and Knowledge Base