Feedback by UserVoice

Office 365 Security & Compliance

We have partnered with UserVoice, a third-party service and your use of the portal and your submission is subject to the UserVoice Terms of Service & Privacy Policy. Please do not send any novel or patentable ideas, copyrighted materials, samples or demos for which you do not want to grant a license to Microsoft.

Welcome to the Security (Protection) & Compliance UserVoice forum. We’re happy you’re here! If you have suggestions or ideas on how to improve Security or Compliance related features in O365, we’d love to hear them!

How it works
◾Check out the ideas others have suggested and vote on your favorites
◾If you have a suggestion that’s not listed yet, submit your own — 25 words or less, please
◾Include one suggestion per post

Thanks for joining our community and helping improve these features in Office 365!

Need Tech Support? Please see the O365 Community for the product or feature you are having issues with, or open a support ticket through your Office 365 administrator portal.

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Introduce customisation to built in DLP rules (or allow exceptions to existing rules)

    We use DLP on email to assist in our PCI compliance. As an online payments provider, we often provide dummy credit card information to help our customers set up their APIs (typically 4444 3333 2222 1111). Unfortunately, despite this not being a valid card number, it triggers Microsoft's built in "Credit Card" definition resulting in 100s of false positives per week. We need to have this hard coded as an exception to the "Credit Card" definition, or, better yet, allow definitions to be customised and/or excluded from via. the Admin portal.

    60 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    3 comments  ·  DLP & Transport Rules  ·  Flag idea as inappropriate…  ·  Admin →

    As stan mentions below, this level of customization is certainly possible. There are many other tweaks you can perform based on your specific requirements. For example, you can only look for multiple cards together, or other identifying information like expiration dates. Please review the documentation and work with support as needed.

  • Don't see your idea?

Feedback and Knowledge Base