Feedback by UserVoice

Office 365 Security & Compliance

We have partnered with UserVoice, a third-party service and your use of the portal and your submission is subject to the UserVoice Terms of Service & Privacy Policy. Please do not send any novel or patentable ideas, copyrighted materials, samples or demos for which you do not want to grant a license to Microsoft.

Welcome to the Security (Protection) & Compliance UserVoice forum. We’re happy you’re here! If you have suggestions or ideas on how to improve Security or Compliance related features in O365, we’d love to hear them!

How it works
◾Check out the ideas others have suggested and vote on your favorites
◾If you have a suggestion that’s not listed yet, submit your own — 25 words or less, please
◾Include one suggestion per post

Thanks for joining our community and helping improve these features in Office 365!

Need Tech Support? Please see the O365 Community for the product or feature you are having issues with, or open a support ticket through your Office 365 administrator portal.

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Conditional Access for EVERY tenant

    Conditional Access Policies should be available to EVERY tenant within Azure AD. Not a premium feature for those willing to pony up the big money.

    3 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Advanced Security Management  ·  Flag idea as inappropriate…  ·  Admin →
  2. Records management User Group

    A resource to connect with others who have implemented Compliance Center. We could share knowledge and best practices.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Compliance Manager  ·  Flag idea as inappropriate…  ·  Admin →
  3. Retention policies for Teams/Chats by AD group

    Retention policies for Teams messages and chats should be assignable by AD group instead of having to manually specify each user individually.

    6 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Compliance Manager  ·  Flag idea as inappropriate…  ·  Admin →
  4. Retention Label when defined as record don't allow change metadata

    When define a Retention Label as a record don't allow to change metadata (columns) in SharePoint. Now it only not permite change a file, but we can change metadata related to the file in document library.

    3 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Compliance Manager  ·  Flag idea as inappropriate…  ·  Admin →
  5. Ticket #:15787801: DMARC Failure report for Out of Office replies to linkedin.com because the return path is set to '<>'

    Refer to the subject that we have raised a ticket where O365 support found our SPF record that you have set is correct, and the out of office replies the DMARC does not work because the return path is set to '<>'. Hence, this is by design behavior.

    They suggest us to submit this request to Microsoft product group team to change this.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Spam & Phishing  ·  Flag idea as inappropriate…  ·  Admin →
  6. Report all attachments scanned by Advanced Threat Protection Safe Attachments

    Currently reporting for Safe Attachments only shows malicious files. This makes it difficult to verify that Safe Attachment scanning is working as intended. It would be beneficial to be able to verify in a report detail regarding all attachments that have been scanned and marked as safe.

    This idea stems from a situation were Advanced Threat Protection was not scanning attachments for a tenant despite being configured to do so. Without checking through message traces or verifying with end users it was not possible to verify if it was working or not. The issue was further complicated as the reporting…

    21 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Reports  ·  Flag idea as inappropriate…  ·  Admin →
  7. Change/control the receiver limit in Exchange Online

    We would like to reduce the risk of mistakes in sending mails by easing the receiver limit intentionally. So, it would be great if we could change/control the receiver limit (e.g. changing the limit up to 100). Please improve the functionality more flexible.

    4 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Advanced Security Management  ·  Flag idea as inappropriate…  ·  Admin →
  8. Need An Awesome Theme Wedding Decor For Your Flowers Wedding?

    There’re multiple ways to intensify a wedding theme with these colors and one of them is about using lots of greenery along with gentle white fabrics and patterns and wooden details with best of the fresh flowers theme wedding decor.
    visit:- https://sites.google.com/view/theme-wedding-decor/home?authuser=1

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Service Trust Portal  ·  Flag idea as inappropriate…  ·  Admin →
  9. Make "Group Creation" Alerts Meaningful

    We have disabled student creation of Modern Groups in Office 365 and tested that this works. We allow staff to create Modern Groups, but want to be alerted when they do so. At this point, any time a staff or student shares a file/folder in OneDrive we are getting alerted. Please segment these type group creations to allow meaningful alerts. At this time I have to disable the alert I created to avoid being bombarded with emails I cannot chase down.

    3 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  10. Communicate to Windows Firewall developers that Outlook firewall permission rules do not work when outbound connections are being blocked

    If Windows Firewall is configured to block outbound as well as inbound connections unless allowed by rule, Office 365 Microsoft Outlook cannot connect to the Exchange server even after rules are created to permit the application. This is because additional executable files must be permitted. These additional files include:
    1) Microsoft Outlook Communications - hxstr.exe
    C:\program files\windowsapps\microsoft.windowscommunicationsapps_16005.11901.20184.0_x64__8wekyb3d8bbwe\hxtsr.exe
    2) Microsoft Outlook Communications - hxoutlook.exe
    C:\program files\windowsapps\microsoft.windowscommunicationsapps_16005.11901.20184.0_x64__8wekyb3d8bbwe\hxoutlook.exe
    It may also be necessary to include: backgroundtaskhost.exe:
    C:\windows\system32\backgroundtaskhost.exe

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Advanced Security Management  ·  Flag idea as inappropriate…  ·  Admin →
  11. O365 security compliance alert policy should be added with feature to configure alert when forwarding mail to external domain

    O365 security compliance alert policy should be added with feature to configure alert when forwarding mail to external domain

    3 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Compliance Manager  ·  Flag idea as inappropriate…  ·  Admin →
  12. Enforce Microsoft Authenticator App Lock

    We would like to enforce the 'app lock' setting on the Microsoft Authenticator app to force users to either enter their device passcode or use biometric authentication before opening the app.

    This could be through an Intune app config or a built in setting.

    Currently if an unlocked device was compromised, the attacker would be able to circumvent account MFA security.

    12 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Advanced Security Management  ·  Flag idea as inappropriate…  ·  Admin →
  13. Fix unkown user entries on Audit Log

    Hi kindly look into the Audit Log search where it shows Unknown on the User column. We already checked this on the backend under 1199924 and they verified that that they are aware and planning to fix this in the future.

    Would appreciate if you can update on this thread if ever the fix for this concern will be implemented.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Auditing  ·  Flag idea as inappropriate…  ·  Admin →
  14. DLP Protection template for GDPR (France)

    Hello,

    Some default templates for DLP protection do not have associated keywords.
    Example: French identity card (CNI)

    https://docs.microsoft.com/fr-fr/office365/securitycompliance/what-the-sensitive-information-types-look-for#france-national-id-card-cni

    As a result, all documents containing a string of 12 consecutive digits go up in the DPL console as French identity card numbers.
    For other European countries there is a keyword test, but not for France.
    So I end up with hundreds of false positives.
    It would be nice if developers could check the default templates so that there is no such problem.
    This DLP protection is very important if we want to comply properly with the GDPR.

    Best regards.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  DLP & Transport Rules  ·  Flag idea as inappropriate…  ·  Admin →
  15. Rules are not working on Junk Email.

    I enter the domain name when I create a rule on my junk mailbox, such as 'wooordpress'. The rule never works.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Spam & Phishing  ·  Flag idea as inappropriate…  ·  Admin →
  16. attack

    anonymize the reactions on the fake phishing campaign in its report from attack simulator

    6 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Advanced Security Management  ·  Flag idea as inappropriate…  ·  Admin →
  17. Add proper alerting and triage for DLP events in Security and Compliance Center and Exchange Online DLP (Transport Rules)

    The Current Security and Compliance Center lacks proper alerting for DLP Rules that are triggered under the Security and Compliance Center and under the Exchange Online DLP (Transport Rules). We need a simple one stop shop that shows all flagged alerts from the SCC and Exchange online DLP rules. These alerts show show the basic stuff like sender, recipient, time, policy triggered, unique count, ect. Also it should allows triage such as dismiss, investigate, false positive ect.

    3 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  DLP & Transport Rules  ·  Flag idea as inappropriate…  ·  Admin →
  18. Allow Bulk edit of Hold locations

    At present each location to be put in Hold must be added one at a time. this is very laborious. Can we get bulk edit for Hold locations. Like Bulk edit in the legacy UI for Search

    3 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  eDiscovery  ·  Flag idea as inappropriate…  ·  Admin →
  19. To warn users not to use To and CC when sending email to multiple customers due to PDPA

    There's no DLP rule to prompt user of a shared mailbox not to use "To" and "CC" field but to use BCC. This is for situation where user of a shared mailbox wants to send promotional and announcements information to customers but don't want to reveal the customers' email addresses due to PDPA.

    It'd be very helpful if it prompts (warning message) to user not to use To and CC but to use BCC field instead when sending email to multiple recipients such as customers.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  DLP & Transport Rules  ·  Flag idea as inappropriate…  ·  Admin →
  20. Single DLP Policy for multiple actions

    DLP policy from Security and Compliance to include multiple options to add custom branding and multiple other options in a single policy instead of creating different transport rules or policies.

    3 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  DLP & Transport Rules  ·  Flag idea as inappropriate…  ·  Admin →
← Previous 1 3 4 5 95 96
  • Don't see your idea?

Feedback and Knowledge Base