Feedback by UserVoice

Office 365 Security & Compliance

We have partnered with UserVoice, a third-party service and your use of the portal and your submission is subject to the UserVoice Terms of Service & Privacy Policy. Please do not send any novel or patentable ideas, copyrighted materials, samples or demos for which you do not want to grant a license to Microsoft.

Welcome to the Security (Protection) & Compliance UserVoice forum. We’re happy you’re here! If you have suggestions or ideas on how to improve Security or Compliance related features in O365, we’d love to hear them!

How it works
◾Check out the ideas others have suggested and vote on your favorites
◾If you have a suggestion that’s not listed yet, submit your own — 25 words or less, please
◾Include one suggestion per post

Thanks for joining our community and helping improve these features in Office 365!

Need Tech Support? Please see the O365 Community for the product or feature you are having issues with, or open a support ticket through your Office 365 administrator portal.

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Office 365 Message Encryption: User Driven Outlook Plugin

    Please provide an Outlook Plugin for users to initiate and encrypted email. I know this is on the roadmap for OWA, but most users are still using Outlook 2010+. Provide a new button directly under the current Send button that says, "Send Encrypted".

    Our client base can't depend on users typing in encrypt and Exchange DLP rules for Encryption.

    210 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
  2. The PDF reader doesn't work with View Permissions and IRM enabled

    IRM and PDF support in office 365 is virtually non existent, Microsoft needs a native PDF application which supports IRM, and the current solutions to use Foxit or NitroPDF don't work when you attempt to give a user view rights with IRM enabled - which totally defeats the purpose

    154 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
  3. Add ability to send the One-Time Passcode via SMS and NOT by e-mail

    Office 365 Message Encryption can be leveraged in case of a delegated inbox scenario. If an encrypted message is sent to a person who's inbox is delegated e.g. to a secretary the delegated has the ability to request a one-time passcode to the delegated inbox and so full access on the OME protected message can be gained.

    This scenario could be avoided by sending the one-time passcode using SMS because then the delegated has no access to the one-time passcode.

    129 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
  4. Allow Journal decryption in OME

    Currently RMS-encrypted mails can be decrypted for the purposes of journaling, but OME-encrypted mails - even though also based on RMS - does not have the same option. Set-IRMConfiguration -JournalReportDecryptionEnabled $true is used to enable RMS journal decryption. I suggest something similar is developed and made available for OME.

    121 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
  5. Allow for adjusting the link expiration time for an OME v2 encrypted message.

    Currently it appears set at 2 months. Would like to see ability to increase/decrease. Maybe max 1 year? Not sure the exact max needed, it would likely change by customer needs/retention policy.

    97 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
  6. OME v2 - Encrypt Only Template

    The new version of OME that is now more integrated into AIP, needs to have an encrypt only option such as you can configure using the message classification configuration.

    The DNF use case is too restrictive for our organisation.

    Thank you for consideration.

    96 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
  7. Office Message Encryption - Link instead of HTML attachment

    Enable encryption to be a link in the body of the message instead of an attachment. Many filters block html attachments.

    68 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
  8. Read receipt for when encrypted email is read.

    Products like ZIX are able to deliver a notification when someone reads the encrypted message they were sent.
    Our Customer has requested this feature to be added in O365

    66 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
  9. Ability to apply multiple Branding Options for Office 365 Message Encryption

    Office 365 Message Encryption currently only provides the ability to specify one set of branding configurations (see https://technet.microsoft.com/en-us/library/dn569292.aspx). Large enterprises that have multiple entities need the ability to provide branding for each entity.

    For example, if Contoso was comprised of entities Fabrikam, Northwind, and ADatum, each entity should be able to specify it's own branding for OME.

    60 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
  10. Serious Bug in External Sharing

    The security trimming is not working with external sharing switched on. Users are only supposed to see what they have been given access to see in SharePoint Online. However, when you share content externally as read only, users are still able to see the full Site Owner menu options for the items. They can also click on them, but then when trying to submit the change, they get an error saying access denied. (The errors messages are also not consistent causing more confusion - see deleting a document versus renaming it). This is a MAJOR design flaw as external sharing…

    43 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
  11. Allow Office 365 users to transparently open OME encrypted emails within Outlook

    If a user sends an email to multiple recipients including Office 365 users (internal or external) as well as non-Office 365 users that don't support TLS transport and wants to protect that email with OME, it has to be encrypted. This would lead to the situation where all recipients would have to go through the portal process to retrieve the message including the Office 365 users.

    This would be a reason that TLS encryption for Office 365 users to reasonably protect emails is not adequate and OME is inconvenient for Office 365 users. This is the reason for my inquiry…

    42 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
  12. Enable the encrypt button in Outlook for Business Premium subscriptions

    Enable the OME encrypt button in Outlook for users with a Business Premium with OME bolted on. This appears in OWA so why shouldn't it also be available in Outlook. If you are paying for the licence you should get the tools you need to use it.

    41 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Message Encryption & Rights Management  ·  Flag idea as inappropriate…  ·  Admin →
  13. Block email if manager attribute is empty in message approvals

    message approval action in transport rule will check for empty manager attribute and if manager attribute is empty then will block or reject the message.

    36 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
  14. Office 365 Message Encryption: Set Custom Subject in Notification Email

    When an email with OME is sent, it is delivered to the recipient as a notification with instructions to view the message on the portal. The body of that notification is changed, but the subject of the original email is preserved. Please provide the option (another parameter in Set-OMEConfiguration) to set a custom subject for that notification email while still preserving the original subject when the recipient views the email in the portal.

    For example, allow an administrator to replace the notification email's subject with something like "You have a new encrypted message." Ideally, it would be great if we…

    34 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
  15. Message Encryption Expiration

    Microsoft states that they have the ability to do expiration for messages that are encrypted, but this is not actually true. When a ticket was opened, they just said it was in testing phase. There is no reason this should take that long to implement. Please correct documentation and add feature. https://blogs.office.com/2015/02/18/office-everywhere-encryption-everywhere/

    28 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Message Encryption & Rights Management  ·  Flag idea as inappropriate…  ·  Admin →
  16. "Encrypt" RMS template: seamless read not working in Outlook Online and Outlook ProPlus

    Hello,

    We have created a transport rule in Exchange Control Panel to apply Office 365 Message Encryption with RMS template "Encrypt" to emails having subject ending by " (crypted)".

    When we send an email matching the conditions, the rule is triggered.

    However, when the email is received in Outlook 2016 (ProPlus) or Outlook Online, it is not displayed directly as described on https://support.office.com/en-us/article/how-do-i-open-a-protected-message-1157a286-8ecc-4b1e-ac43-2a608fbf3098. Instead, a link to the web portal is displayed.

    We raised a support request on this (#7596564).

    Office 365 support told us to use the "Do Not Forward" RMS template. However this is not what we…

    26 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
  17. Recall mail support of encrypted mails (Azure Information Protection/Outlook)

    The "Recall mail" feature in Outlook is not currently supported by Azure Information Protection (AIP) encrypted mails. Mail send with AIP/RMS encryption can't be recalled.

    A suggestion is to build the mail revoke feature (in preview) into the Outlook Recall mail feature to ease user experience.

    (currently you can revoke a mail with Power Shell commands).

    26 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Message Encryption & Rights Management  ·  Flag idea as inappropriate…  ·  Admin →
  18. Disabling Exchange ActiveSync

    Disabling Exchange ActiveSync for the entire organization in Cloud environment is not that effective, currently Disable will apply only to current users available in tenant. For newly added users the process need to be repeated. Its difficult task for a bigger organization to apply policy for every newly added users. It's better to have one option to disable Exchange ActiveSync for entire tenant.

    25 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
  19. Simply enroll S/MIME certificates to users with 3rd Party Certificate Authority

    Enrolling S/MIME certificates for email encryption/signing is such a pain. Could Microsoft team up with a 3rd Party CA like Thawte and easily enroll and configure this certificate to users in the organization? Microsoft should be able to configure the certificate in Outlook Client, Web Access and Outlook Apps without any user interaction required.

    25 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
  20. SMTP through Exchange Online with Azure Info Protect

    It would be great if mail messages generated and sent via a PowerShell or Telnet SMTP sessioin could make use of Azure Info Protect instead of RMS.

    For example, if I enter the command:
    PS C:\Users\fakeuser> Send-MailMessage -From noreply@blah.com -To fakedude@gmail.com -Subject "Testing Encryption Again2" -Bo
    dy "Test PowerShell message send which should be encrypted" -SmtpServer smtp.office365.com -Credential $msolcred -UseSs
    l -Port 587

    Currently, I can only get either of 2 outcomes by doing this:
    1.) If I change a label to detect the use of a keyword (i.e. the word "credentials") and then apply 'Highly Confidential', AIP does not…

    25 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
← Previous 1 3 4 5 6
  • Don't see your idea?

Feedback and Knowledge Base