Feedback by UserVoice

Office 365 Security & Compliance

We have partnered with UserVoice, a third-party service and your use of the portal and your submission is subject to the UserVoice Terms of Service & Privacy Policy. Please do not send any novel or patentable ideas, copyrighted materials, samples or demos for which you do not want to grant a license to Microsoft.

Welcome to the Security (Protection) & Compliance UserVoice forum. We’re happy you’re here! If you have suggestions or ideas on how to improve Security or Compliance related features in O365, we’d love to hear them!

How it works
◾Check out the ideas others have suggested and vote on your favorites
◾If you have a suggestion that’s not listed yet, submit your own — 25 words or less, please
◾Include one suggestion per post

Thanks for joining our community and helping improve these features in Office 365!

Need Tech Support? Please see the O365 Community for the product or feature you are having issues with, or open a support ticket through your Office 365 administrator portal.

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Allow export of Detail Data to .csv for All reports in the Security and Compliance Dashboard

    Users with access to view the reports in the Security and Compliance Center should have access to export the detail data to a .CSV. The table of data is already available, but there is no option to export and the formatting on a copy and paste is all but useless.

    This functionality already available for the usage reports in the Office 365 Admin Center, so it does not see like it would be a new build. This is vital for our security team to be able to provide an Executive Summary to our leadership to educate them on the security…

    4 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Reports  ·  Flag idea as inappropriate…  ·  Admin →
  2. Alerts for when a user logs into another machine (login notifications)

    Add an option for Alert Policies in the Security and Compliance Admin Center for activities like users logging into another machine or devices and administrator activities within the tenant.

    15 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Reports  ·  Flag idea as inappropriate…  ·  Admin →
  3. Option to extract the "sent and received email reports"

    Option to extract the "sent and received email report" like we can in many other report types.

    3 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Reports  ·  Flag idea as inappropriate…  ·  Admin →
  4. Need more details in Spam detections report

    You can check the number of Spam IP block or Spam DBEB filter in Spam detections report, but their details are not provided. So, we would like to check their details in the report.

    13 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Reports  ·  Flag idea as inappropriate…  ·  Admin →
  5. Request an API to get SCC dashboard reports

    SCC dashboard reports are very useful. We have an API https://docs.microsoft.com/en-us/graph/api/resources/security-api-overview?view=graph-rest-1.0, but it doesn't cover SCC dashboard reports.

    3 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Reports  ·  Flag idea as inappropriate…  ·  Admin →
  6. Secure Score - "Security defaults" in Azure not counted

    When you migrate from Conditional Access to Security Defaults, all security score points are lost.
    That means "security defaults" in Azure isn't counted against the Secure Score board.

    7 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Reports  ·  Flag idea as inappropriate…  ·  Admin →
  7. S/MIME signature for quarantine notifications

    Quarantine notifications contain links where a user is supposed to click on. These messages are easy to fake. We use S/MIME signatures throughout our organisation and have instructed our users to only trust properly signed messages and double check all unsigned messages and handle attachments and links within mails with extreme caution. An S/MIME signature would make mails from Microsoft much more trustworthy.

    12 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Reports  ·  Flag idea as inappropriate…  ·  Admin →
  8. I would like to see a report/graphics how many email we do get from other countries either by domain or IP or better both.

    I would like to see a report/graphics how many email we do get from other countries either by domain or IP or better both options.

    7 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Reports  ·  Flag idea as inappropriate…  ·  Admin →
  9. Obtain every data configured in Reports for Download all together

    It would be great if we can export all the data in .csv file when obtaining multiple report data at once from SCC. Admins can receive emails for the submitted report request but it covers only each of the reporting category, and it takes time to check all the data we need.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Reports  ·  Flag idea as inappropriate…  ·  Admin →
  10. Get a report for all the items in the report dashboard in SCC

    We receive an email for the Sent and received email report by creating schedule, and this is the only point of entry to know its content and it’s same for other schedule-based data. But admins need to collect all these schedule-based to deliver the report to employees. So, I think it would be great if we can create a report including all the content in the report dashboard in SCC.

    4 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Reports  ·  Flag idea as inappropriate…  ·  Admin →
  11. Select admin preferred language for the report message sent from SCC

    I would like to select preferred language when sending the report message from Security & Compliance center because currently it can be sent in English only and have to take some time to translate as given the report message to everyone else in the organization. So it would be great if an admin can select the language for the message in advance.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Reports  ·  Flag idea as inappropriate…  ·  Admin →
  12. Secure Score Export

    The Secure Score export option is currently not functional. There is no way to export to Excel or PDF for reporting or to use the data in other tools other than the Graph API.

    3 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Reports  ·  Flag idea as inappropriate…  ·  Admin →
  13. Generate alert when file(s) shared externally

    Hello,
    Would be great to notify tenant admins/compliance admins if in SharePoint or OneDrive, files were shared with external source and use some limits,
    As example, if I'm sharing 100 files with external source, then notify admin about this activity.

    3 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Reports  ·  Flag idea as inappropriate…  ·  Admin →
  14. DLP articles

    There are only a few articles about DLP policies and reports that Microsoft has. Please create a few more article about the different properties for the DLP reports for different workloads

    8 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Reports  ·  Flag idea as inappropriate…  ·  Admin →
  15. We need alert to add if any admin login to the portal

    We need alert to add if any admin login to the portal . there should be option in the alert section for the same and option for the email creation as well .

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Reports  ·  Flag idea as inappropriate…  ·  Admin →
  16. Email notification with location of IP when user login.

    I want to received user login notification with server IP address and location the same information what I can get query IP address with WHOIS. It will help for detect intruders trying to login from other countries.

    17 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Reports  ·  Flag idea as inappropriate…  ·  Admin →
  17. Security score

    In Microsoft 365 security there is a Secure Score with three subcategories Overview, Improvement actions, and History. Under there is a note saying - Actions you can take to improve your Microsoft Secure Score. Score updates may take up to 24 hours.​ But after talking with Microsoft Office 365 support I got an answer that this technology is pretty new and actually secure score updates up to 72 hours., So what if you change this 24 hours to 72 hours, so other people who are looking on the history don't get confused why secure score is not updating. What if…

    3 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Reports  ·  Flag idea as inappropriate…  ·  Admin →
  18. ATP SafeLinks Additional Reporting

    ATP SafeLinks Additional Reporting
    I'd like to see the reporting expanded to include what device a user clicked a link. This will help resolve some 'we didn't click that from this work device' disputes.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Reports  ·  Flag idea as inappropriate…  ·  Admin →
  19. Please add tenant info to security alerts

    When we forward security alerts to a PSA or SIEM - They currently come in without any indication of what tenant it is coming from. This is bad for your partners or customers that manage multiple tenants. Please include which tenant the alert is coming from. It would be super helpful.

    Thanks

    3 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Reports  ·  Flag idea as inappropriate…  ·  Admin →
  20. Fix misleading logging of Login Failure

    In some situations a failed login event is classified as User Logged In, and the event detail has a ResultStatus of Succeeded with ResultStatusDetail of Redirected. This is quite confusing and risks failed login events from attackers being filtered out of critical reports. The support folk have advised this is normal behavior, but it looks like poor design to me and should be fixed. The Activity should be recorded as Login Failed or Login in Progress

    6 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Reports  ·  Flag idea as inappropriate…  ·  Admin →
← Previous 1 3 4 5 6 7
  • Don't see your idea?

Feedback and Knowledge Base