Feedback by UserVoice

Office 365 Security & Compliance

We have partnered with UserVoice, a third-party service and your use of the portal and your submission is subject to the UserVoice Terms of Service & Privacy Policy. Please do not send any novel or patentable ideas, copyrighted materials, samples or demos for which you do not want to grant a license to Microsoft.

Welcome to the Security (Protection) & Compliance UserVoice forum. We’re happy you’re here! If you have suggestions or ideas on how to improve Security or Compliance related features in O365, we’d love to hear them!

How it works
◾Check out the ideas others have suggested and vote on your favorites
◾If you have a suggestion that’s not listed yet, submit your own — 25 words or less, please
◾Include one suggestion per post

Thanks for joining our community and helping improve these features in Office 365!

Need Tech Support? Please see the O365 Community for the product or feature you are having issues with, or open a support ticket through your Office 365 administrator portal.

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Office 365 Message Encryption: User Driven Outlook Plugin

    Please provide an Outlook Plugin for users to initiate and encrypted email. I know this is on the roadmap for OWA, but most users are still using Outlook 2010+. Provide a new button directly under the current Send button that says, "Send Encrypted".

    Our client base can't depend on users typing in **encrypt** and Exchange DLP rules for Encryption.

    210 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
  2. The PDF reader doesn't work with View Permissions and IRM enabled

    IRM and PDF support in office 365 is virtually non existent, Microsoft needs a native PDF application which supports IRM, and the current solutions to use Foxit or NitroPDF don't work when you attempt to give a user view rights with IRM enabled - which totally defeats the purpose

    151 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
  3. Add ability to send the One-Time Passcode via SMS and NOT by e-mail

    Office 365 Message Encryption can be leveraged in case of a delegated inbox scenario. If an encrypted message is sent to a person who's inbox is delegated e.g. to a secretary the delegated has the ability to request a one-time passcode to the delegated inbox and so full access on the OME protected message can be gained.

    This scenario could be avoided by sending the one-time passcode using SMS because then the delegated has no access to the one-time passcode.

    124 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
  4. Allow Journal decryption in OME

    Currently RMS-encrypted mails can be decrypted for the purposes of journaling, but OME-encrypted mails - even though also based on RMS - does not have the same option. Set-IRMConfiguration -JournalReportDecryptionEnabled $true is used to enable RMS journal decryption. I suggest something similar is developed and made available for OME.

    115 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
  5. OME v2 - Encrypt Only Template

    The new version of OME that is now more integrated into AIP, needs to have an encrypt only option such as you can configure using the message classification configuration.

    The DNF use case is too restrictive for our organisation.

    Thank you for consideration.

    96 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
  6. Allow for adjusting the link expiration time for an OME v2 encrypted message.

    Currently it appears set at 2 months. Would like to see ability to increase/decrease. Maybe max 1 year? Not sure the exact max needed, it would likely change by customer needs/retention policy.

    94 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
  7. Office Message Encryption - Link instead of HTML attachment

    Enable encryption to be a link in the body of the message instead of an attachment. Many filters block html attachments.

    68 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
  8. Ability to apply multiple Branding Options for Office 365 Message Encryption

    Office 365 Message Encryption currently only provides the ability to specify one set of branding configurations (see https://technet.microsoft.com/en-us/library/dn569292.aspx). Large enterprises that have multiple entities need the ability to provide branding for each entity.

    For example, if Contoso was comprised of entities Fabrikam, Northwind, and ADatum, each entity should be able to specify it's own branding for OME.

    60 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
  9. Read receipt for when encrypted email is read.

    Products like ZIX are able to deliver a notification when someone reads the encrypted message they were sent.
    Our Customer has requested this feature to be added in O365

    57 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
  10. Allow Office 365 users to transparently open OME encrypted emails within Outlook

    If a user sends an email to multiple recipients including Office 365 users (internal or external) as well as non-Office 365 users that don't support TLS transport and wants to protect that email with OME, it has to be encrypted. This would lead to the situation where all recipients would have to go through the portal process to retrieve the message including the Office 365 users.

    This would be a reason that TLS encryption for Office 365 users to reasonably protect emails is not adequate and OME is inconvenient for Office 365 users. This is the reason for my inquiry…

    42 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
  11. Serious Bug in External Sharing

    The security trimming is not working with external sharing switched on. Users are only supposed to see what they have been given access to see in SharePoint Online. However, when you share content externally as read only, users are still able to see the full Site Owner menu options for the items. They can also click on them, but then when trying to submit the change, they get an error saying access denied. (The errors messages are also not consistent causing more confusion - see deleting a document versus renaming it). This is a MAJOR design flaw as external sharing…

    40 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
  12. Enable the encrypt button in Outlook for Business Premium subscriptions

    Enable the OME encrypt button in Outlook for users with a Business Premium with OME bolted on. This appears in OWA so why shouldn't it also be available in Outlook. If you are paying for the licence you should get the tools you need to use it.

    38 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Message Encryption & Rights Management  ·  Flag idea as inappropriate…  ·  Admin →
  13. Block email if manager attribute is empty in message approvals

    message approval action in transport rule will check for empty manager attribute and if manager attribute is empty then will block or reject the message.

    36 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
  14. Automatic using OEM encryption as a TLS fail retry

    Please create a feature in Office 365 for the option that when the destination server does not support TLS encryption, it will automatic retry using passcode encryption method, instead of bounce back the email 2 days later.

    35 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
  15. Office 365 Message Encryption: Set Custom Subject in Notification Email

    When an email with OME is sent, it is delivered to the recipient as a notification with instructions to view the message on the portal. The body of that notification is changed, but the subject of the original email is preserved. Please provide the option (another parameter in Set-OMEConfiguration) to set a custom subject for that notification email while still preserving the original subject when the recipient views the email in the portal.

    For example, allow an administrator to replace the notification email's subject with something like "You have a new encrypted message." Ideally, it would be great if we…

    34 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
  16. Message Encryption Expiration

    Microsoft states that they have the ability to do expiration for messages that are encrypted, but this is not actually true. When a ticket was opened, they just said it was in testing phase. There is no reason this should take that long to implement. Please correct documentation and add feature. https://blogs.office.com/2015/02/18/office-everywhere-encryption-everywhere/

    28 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Message Encryption & Rights Management  ·  Flag idea as inappropriate…  ·  Admin →
  17. "Encrypt" RMS template: seamless read not working in Outlook Online and Outlook ProPlus

    Hello,

    We have created a transport rule in Exchange Control Panel to apply Office 365 Message Encryption with RMS template "Encrypt" to emails having subject ending by " (crypted)".

    When we send an email matching the conditions, the rule is triggered.

    However, when the email is received in Outlook 2016 (ProPlus) or Outlook Online, it is not displayed directly as described on https://support.office.com/en-us/article/how-do-i-open-a-protected-message-1157a286-8ecc-4b1e-ac43-2a608fbf3098. Instead, a link to the web portal is displayed.

    We raised a support request on this (#7596564).

    Office 365 support told us to use the "Do Not Forward" RMS template. However this is not what we…

    26 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
  18. Simply enroll S/MIME certificates to users with 3rd Party Certificate Authority

    Enrolling S/MIME certificates for email encryption/signing is such a pain. Could Microsoft team up with a 3rd Party CA like Thawte and easily enroll and configure this certificate to users in the organization? Microsoft should be able to configure the certificate in Outlook Client, Web Access and Outlook Apps without any user interaction required.

    25 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
  19. SMTP through Exchange Online with Azure Info Protect

    It would be great if mail messages generated and sent via a PowerShell or Telnet SMTP sessioin could make use of Azure Info Protect instead of RMS.

    For example, if I enter the command:
    PS C:\Users\fakeuser> Send-MailMessage -From noreply@blah.com -To fakedude@gmail.com -Subject "Testing Encryption Again2" -Bo
    dy "Test PowerShell message send which should be encrypted" -SmtpServer smtp.office365.com -Credential $msolcred -UseSs
    l -Port 587

    Currently, I can only get either of 2 outcomes by doing this:
    1.) If I change a label to detect the use of a keyword (i.e. the word "credentials") and then apply 'Highly Confidential', AIP does not…

    25 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
  20. Office 365 Message Encryption - One time passcode not working outside Microsoft system

    The one time passcode was working few weeks ago for people outside of our organization, but it is no longer working and nothing has been changed from our end. I have been on a call with Microsoft Support and they told me that will not work with Gmail, which is not acceptable because our clients have their domain integrated with Google and they are using Gmail. It is also not working with Yahoo as well. OTP works with Hotmail because it is a Microsoft product. I know it works using a Microsoft Live account but that is not the point.…

    23 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
← Previous 1 3 4 5 6
  • Don't see your idea?

Feedback and Knowledge Base