Feedback by UserVoice

Office 365 Security & Compliance

We have partnered with UserVoice, a third-party service and your use of the portal and your submission is subject to the UserVoice Terms of Service & Privacy Policy. Please do not send any novel or patentable ideas, copyrighted materials, samples or demos for which you do not want to grant a license to Microsoft.

Welcome to the Security (Protection) & Compliance UserVoice forum. We’re happy you’re here! If you have suggestions or ideas on how to improve Security or Compliance related features in O365, we’d love to hear them!

How it works
◾Check out the ideas others have suggested and vote on your favorites
◾If you have a suggestion that’s not listed yet, submit your own — 25 words or less, please
◾Include one suggestion per post

Thanks for joining our community and helping improve these features in Office 365!

Need Tech Support? Please see the O365 Community for the product or feature you are having issues with, or open a support ticket through your Office 365 administrator portal.

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. End User Spam Notifacation - Frequency

    Currently we can only have 1 email sent per day notifying the user they have spam in quarantine.

    The email is usually sent just after midnight so if the user does not check their quarantine it could be a full 24 hours until the use is notified that they have spam to release.

    Could I suggest that at least 3 times per day this email can be sent?

    Cheers

    557 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    62 comments  ·  Spam & Phishing  ·  Flag idea as inappropriate…  ·  Admin →

    Thank you for your feedback. We have a clarifying question that would help us to prioritize this better: If you need notices 3 (or more) times per day, why use quarantine at all? Why not send the mails to a junk folder which the user can check on demand? If you want a notice each time any message gets quarantined, again, what prevents just sending the mails to a junk folder instead?

  2. Office 365 mail queue viewer and control

    It will be better if Admins get the option to view the mail queue in Office 365. We will have more control on the email flow if this option is enabled.

    385 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    26 comments  ·  Flag idea as inappropriate…  ·  Admin →

    Thank you for your feedback.

    Today you can see messages which are “pending” in a queue through Message Trace feature. In the Mail flow Dashboard, you can see messages queued for more than an hour. We’ve also created alerting for this condition. Can you tell us what other things you need and what the scenarios look like / how commonly you need to perform the task?

    This would help us when evaluating this item further.

  3. Allow Exchange Admin Auditing retention to be increased past 90 days

    The commands Set-AdminAuditLogConfig -AdminAuditLogAgeLimit do not work on 365. We have a requirement to keep all admin logs for 3 years but this cannot be performed.

    176 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    14 comments  ·  Auditing  ·  Flag idea as inappropriate…  ·  Admin →

    At this point, the Office 365 service only allows for the retention of audit entries for 90 days. Can you provide us more information regarding your requirement to keep logs for 3 years. Is this a legal obligation? Please provide details around the specific audit entries you would like to retain for an extended period of time.

  4. Allow Office 365 users to transparently open OME encrypted emails within Outlook

    If a user sends an email to multiple recipients including Office 365 users (internal or external) as well as non-Office 365 users that don't support TLS transport and wants to protect that email with OME, it has to be encrypted. This would lead to the situation where all recipients would have to go through the portal process to retrieve the message including the Office 365 users.

    This would be a reason that TLS encryption for Office 365 users to reasonably protect emails is not adequate and OME is inconvenient for Office 365 users. This is the reason for my inquiry…

    40 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
  5. end user notification

    currently in EOP, when we enable the end user notification for quarantine emails, the minimum value is 1 day, which may cause the issue we may miss some important emails, we required that we may improve the feature to send notification every hour.

    16 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    9 comments  ·  Spam & Phishing  ·  Flag idea as inappropriate…  ·  Admin →

    Please share with us more about how you use the product. For scenarios which require end users to regularly scan for false positives, we find that customers prefer to use Junk Mail folder instead of Quarantine. Is that an option for you? Also, have you investigated the causes of the false positives? Improper configuration is the cause of roughly half of all false positives.

  6. Outbound email data should be used to assist in spam scoring

    Example: You and a customer have exchanged a series of emails back and forth and randomly an email will be held.

    The email addresses and domains (non free email providers) you have a history of sending email to should be a factor in the spam scoring and significantly reducing the likelihood that mail from that domain (less so) and email address (more so) are quarantined.

    8 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Spam & Phishing  ·  Flag idea as inappropriate…  ·  Admin →
  7. Glitsch in the segregation of user database in GDPR

    : When i today was managing the assigned user for the GDPR compliance in https://servicetrust.microsoft.com/FrameworkDetailV2/35413bd5-7b88-4356-b78f-e009dfa2ca4f is swiftly saw the userdatabase of a different tenant than mine on something dentalhealthservices... it was only visible for a few seconds. But i think there could be something wrong with the segregation of tenants in office 365 service trust portal.

    The issue happened when i was clicking assign user and the screen that should have shown me my own user database. Instead i saw the other tenants user database for about 5 seconds, and it dissapeared again.

    I was not able to recorde the…

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Advanced Security Management  ·  Flag idea as inappropriate…  ·  Admin →
  8. Allow EOP transport rule backups

    I would love to see an option that would allow me to backup a copy of all the EOP rules that I have created for inbound, outbound, spam rules. We are a very large school system so we have a lot of specific rules for domains, IP address ranges and key words.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  DLP & Transport Rules  ·  Flag idea as inappropriate…  ·  Admin →
  • Don't see your idea?

Feedback and Knowledge Base