Office 365 Security & Compliance

We have partnered with UserVoice, a third-party service, and your use of the portal and your submission are subject to the UserVoice Terms of Service & Privacy Policy. Please do not send any novel or patentable ideas, copyrighted materials, samples or demos for which you do not want to grant a license to Microsoft.

Welcome to the Security (Protection) & Compliance UserVoice forum. We’re happy you’re here! If you have suggestions or ideas on how to improve Security or Compliance related features in O365, we’d love to hear them!

How it works
  • Check out the ideas others have suggested and vote on your favorites
  • If you have a suggestion that’s not listed yet, submit your own (25 words or less, please)
  • Include one suggestion per post

Thanks for joining our community and helping improve these features in Office 365!

Need Tech Support? Please see the O365 Community for the product or feature you are having issues with, or open a support ticket through your Office 365 administrator portal.

How can we improve compliance or protect your users better in Office 365?

  1. Phishing attacks using Office 365 compromised Accounts/ ATP safe links not working

    Hello Microsoft ATP Team,

    This is to bring to your notice that spammers/phishers have started targeting Office 365 tenants, which creates a mail loop between Office 365 hosted domains, and these emails are getting circulated, through which accounts get compromised. We had a lot of incidents happening in our environment. As these emails are getting generated from the actual account hosted in Office 365, the emails are considered to be safe and land in users' Inbox. We have an ATP safe links policy in place, however it's not performing the job as expected. ATP is a great feature but we request…

    500 votes
    24 comments  ·  Spam & Phishing
    • End User Spam Notification - Frequency

      Currently we can only have 1 email sent per day notifying the user they have spam in quarantine.

      The email is usually sent just after midnight, so if the user does not check their quarantine it could be a full 24 hours until the user is notified that they have spam to release.

      Could I suggest that at least 3 times per day this email can be sent?

      Cheers

      332 votes
        42 comments  ·  Spam & Phishing

        Thank you for your feedback. We have a clarifying question that would help us to prioritize this better: If you need notices 3 (or more) times per day, why use quarantine at all? Why not send the mails to a junk folder which the user can check on demand? If you want a notice each time any message gets quarantined, again, what prevents just sending the mails to a junk folder instead?

      • Allow Settings for Message Expiration Timeout Interval and NDR

        For some error codes related to sending mails, the senders may receive the NDR immediately. However, for some other error codes, the mail server marks the undeliverable messages as a temporary error and the senders don't immediately receive an NDR. Instead, Exchange Online repeatedly tries to deliver the message over two days. Only after two days of unsuccessful delivery attempts does the sender receive this NDR.

        For some time-critical businesses this is not acceptable. The user has to be informed very quickly (<6 hours) that his mail was not delivered by now. Then the user can phone the recipient…

        310 votes
          36 comments

          Keep the feedback coming. We appreciate continued details as to which option(s) would work best. The trick is balancing notifying users (who usually can’t take action, but certainly want to know when messages are delayed) vs. notifying the admins (who may or may not be able to take action but may not want such a quick notification — for example if they are responsible for a server that is down for planned maintenance or a DNS change which takes time to propagate). We would certainly like for this to be somewhat configurable in the future, but also are considering alternatives to the current 48 hours.

        • Office 365 mail queue viewer and control

          It will be better if Admins get the option to view the mail queue in Office 365. We will have more control on the email flow if this option is enabled.

          307 votes
            20 comments
          • Allow Exchange Admin Auditing retention to be increased past 90 days

            The commands Set-AdminAuditLogConfig -AdminAuditLogAgeLimit do not work on 365. We have a requirement to keep all admin logs for 3 years but this cannot be performed.

            133 votes
              12 comments  ·  Auditing

              At this point, the Office 365 service only allows for the retention of audit entries for 90 days. Can you provide us more information regarding your requirement to keep logs for 3 years? Is this a legal obligation? Please provide details around the specific audit entries you would like to retain for an extended period of time.

            • Allow Office 365 users to transparently open OME encrypted emails within Outlook

              If a user sends an email to multiple recipients including Office 365 users (internal or external) as well as non-Office 365 users that don't support TLS transport and wants to protect that email with OME, it has to be encrypted. This would lead to the situation where all recipients would have to go through the portal process to retrieve the message including the Office 365 users.

              This would be a reason that TLS encryption for Office 365 users to reasonably protect emails is not adequate and OME is inconvenient for Office 365 users. This is the reason for my inquiry…

              39 votes
              • End user notification

                Currently in EOP, when we enable the end user notification for quarantine emails, the minimum value is 1 day, which may cause us to miss some important emails. We request that the feature be improved to send a notification every hour.

                12 votes
                  8 comments  ·  Spam & Phishing

                  Please share with us more about how you use the product. For scenarios which require end users to regularly scan for false positives, we find that customers prefer to use Junk Mail folder instead of Quarantine. Is that an option for you? Also, have you investigated the causes of the false positives? Improper configuration is the cause of roughly half of all false positives.

                • Outbound email data should be used to assist in spam scoring

                  Example: You and a customer have exchanged a series of emails back and forth and randomly an email will be held.

                  The email addresses and domains (non-free email providers) you have a history of sending email to should be a factor in the spam scoring, significantly reducing the likelihood that mail from that domain (less so) and email address (more so) is quarantined.

                  8 votes
                    0 comments  ·  Spam & Phishing
                  • Glitch in the segregation of user database in GDPR

                    When I today was managing the assigned user for the GDPR compliance in https://servicetrust.microsoft.com/FrameworkDetailV2/35413bd5-7b88-4356-b78f-e009dfa2ca4f I swiftly saw the user database of a different tenant than mine on something dentalhealthservices... It was only visible for a few seconds. But I think there could be something wrong with the segregation of tenants in the Office 365 service trust portal.

                    The issue happened when I was clicking assign user and the screen that should have shown me my own user database. Instead I saw the other tenant's user database for about 5 seconds, and it disappeared again.

                    I was not able to record the…

                    1 vote
                      0 comments  ·  Advanced Security Management
                    • Allow EOP transport rule backups

                      I would love to see an option that would allow me to back up a copy of all the EOP rules that I have created for inbound, outbound, spam rules. We are a very large school system so we have a lot of specific rules for domains, IP address ranges and key words.

                      1 vote
                        0 comments  ·  DLP & Transport Rules