Feedback by UserVoice

Office 365 Security & Compliance

We have partnered with UserVoice, a third-party service and your use of the portal and your submission is subject to the UserVoice Terms of Service & Privacy Policy. Please do not send any novel or patentable ideas, copyrighted materials, samples or demos for which you do not want to grant a license to Microsoft.

Welcome to the Security (Protection) & Compliance UserVoice forum. We’re happy you’re here! If you have suggestions or ideas on how to improve Security or Compliance related features in O365, we’d love to hear them!

How it works
◾Check out the ideas others have suggested and vote on your favorites
◾If you have a suggestion that’s not listed yet, submit your own — 25 words or less, please
◾Include one suggestion per post

Thanks for joining our community and helping improve these features in Office 365!

Need Tech Support? Please see the O365 Community for the product or feature you are having issues with, or open a support ticket through your Office 365 administrator portal.

How can we improve compliance or protect your users better in Office 365?

You've used all your votes and won't be able to post a new idea, but you can still search and comment on existing ideas.

There are two ways to get more votes:

  • When an admin closes an idea you've voted on, you'll get your votes back from that idea.
  • You can remove your votes from an open idea you support.
  • To see ideas you have already voted on, select the "My feedback" filter and select "My open ideas".
(thinking…)

Enter your idea and we'll search to see if someone has already suggested it.

If a similar idea already exists, you can support and comment on it.

If it doesn't exist, you can post your idea so others can support it.

Enter your idea and we'll search to see if someone has already suggested it.

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. In Exchange Admin Center and Content Search allow searches to be copied or cloned.

    In Exchange Admin Center and Content Search allow searches to be copied or cloned

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  2. Have MFA challenge tell you which app challenge is for

    This would eliminate confusion when multiple txt msg's come in and not knowing which text code to put in which challenge box

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  3. Daily Alert on OneDrive for DLP detection

    Alert is sent out only when DLP policy first detect on OneDrive. For better management, it would be helpful if there is a daily alert which contains all existing detection plus the new detection for related persons to follow up.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  DLP & Transport Rules  ·  Flag idea as inappropriate…  ·  Admin →
  4. Archive LinkedIn and other social media

    Now that Archive third-party data has been added to the Data Goveranance\Import location when will LinkedIn be available?

    Interesting that the first two connectors available is for FaceButt and Twitter but not LinkedIn!

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Compliance Manager  ·  Flag idea as inappropriate…  ·  Admin →
  5. ATP Safelink - Display test of destination URL

    By including text displaying the original URL path, that is not in the form of a hyperlink, you would allow users to gather context that can be ascertained from the URL path. People would also be better informed before clicking a on a URL that may or may not be malicious, only to discover they would not have clicked that link if they had seen the path before they clicked on it.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Spam & Phishing  ·  Flag idea as inappropriate…  ·  Admin →
  6. เยส

    เยส

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  7. Security Status of Microsoft Cloud Services ("Secure", "Degraded", "Compromised", etc

    We had an issue this morning where our filtering provider marked all Microsoft traffic as suspect. I do not know at this time was what triggered the event, but the provider could not provide assurance on as a false positive. I have nowhere to look on My tenant to verify this claim. As Microsoft’s presence in the cloud grows it becomes a very attractive target and no site is immune. I would think there would be a resource somewhere on the Microsoft site or my tenant that would provide a security status. Obviously this dashboard would not have details, but…

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Advanced Security Management  ·  Flag idea as inappropriate…  ·  Admin →
  8. Christel Mehnert, Wittenbergstr. 2 A. 39576 Stendal, Deutschland

    Es wurden am 23.05.2017 69,00 € von meiner Kreditkarte abgezogen von Microsoft zur Verlängerung meines Vertrages von Office und ich habe ein Schreiben erhalten, dass Office 365 für 1 Jahr verlängert ist.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Reports  ·  Flag idea as inappropriate…  ·  Admin →
  9. Ability for customers to initiate encrypted email to us via a link in the signature line

    We currently use ShareFile and have an upload icon in our signature line. This allows the client to send us encrypted files using the "File Drop" feature by pulling up any previously sent emails by our company. I would really love to see the ability to have the client click the Upload icon in our signature line and be able to initiate an encrypted email back to us using O365.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Message Encryption & Rights Management  ·  Flag idea as inappropriate…  ·  Admin →
  10. I ran a malware test from https://www.emailsecuritycheck.net and Outlook 365 failed every test.

    I ran a malware test from https://www.emailsecuritycheck.net and Outlook 365 failed every test. My suggestion is to perhaps check for malware?

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Malware  ·  Flag idea as inappropriate…  ·  Admin →
  11. Automatically adding user who took specific actions to the recipients of the alert policy notification message

    We need to set recipients who receive the alert policy notification in advance, but I want the message to be sent automatically to the user who has taken actions as well.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  12. Not able to trace creator or for whom HIGH severity alert has been triggered however able to see for LOW severity alerts.

    Can you please provide a way how to find who has created that HIGH severity alert or for whom it's been created ? for the security concern.

    Able to trace user & creator for LOW severity alert but not for HIGH severity alert.

    Looking to here from your side!

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Auditing  ·  Flag idea as inappropriate…  ·  Admin →
  13. Extract mailbox last login

    This is basic functionality. We are not getting mailboxes last login date

    We tried checking in the Audit log but it is not giving the data what I am looking for and again it has limitation of 90 days.

    As a revalidation process we are re-checking wheater email ids disabled or not b

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Reports  ·  Flag idea as inappropriate…  ·  Admin →
  14. User cannot see "deleted site collection" event.

    User cannot see "deleted site collection" event in [Office 365 audit log report].
    It seems this feature is not supported yet, but the "deleted" event in [Office 365 audit log report] should be supplied since it is very important information for operation and maintenance for administrators. They feel disadvantage that the "deleted site collection" event is not provided although there is “SiteCollectionCreated” as operation in [Office 365 audit log report]. Please change the design.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Auditing  ·  Flag idea as inappropriate…  ·  Admin →
  15. Allow customers to customize DLP templates phrases when setting up mail tips? Default pop ups should be customizable and not by default.

    Change text in override situations for example in DLP Mail tips. Pop ups are all by default, we should be able to customize those pop ups with the phrases that we would like them to be.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  DLP & Transport Rules  ·  Flag idea as inappropriate…  ·  Admin →
  16. June 12, 2019: I have been trying to send emails through Constant Contact; they are going to the Junk Folder. the emails are not junk!

    June 12, 2019: I have been trying to send emails through Constant Contact and they are going to the Junk Folder when the emails are not junk!

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  17. Add Is Not Member of a Group in Message Transport Rules

    currently you only have rules that check for Member Of a group, please allow us to crate Transport Rules for Member Is Not in a group, this would really help

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  DLP & Transport Rules  ·  Flag idea as inappropriate…  ·  Admin →
  18. Option to disable common attachment types filter for internal mail only

    Today you can define common attachment types that will treat certain file types as malware. There should be an option in the malware policy that would ignore this filter for internal mail only, but treat such file types as usual for incoming external mail.

    As an example, ATP Safe Links have an option to ignore the mechanism for internal mail and so should the attachment filter.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Malware  ·  Flag idea as inappropriate…  ·  Admin →
  19. Include Center for Internet Security guidelines

    Create Azure Security and Compliance Blueprint based on CIS recommendations for MS Azure platform.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Compliance Manager  ·  Flag idea as inappropriate…  ·  Admin →
  20. Add "Sender is" in conditions or exceptions of DLP.

    Currently, the conditions and exceptions can be only applied to recipients. It will better if DLP support conditions and exceptions set to senders.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  DLP & Transport Rules  ·  Flag idea as inappropriate…  ·  Admin →
  • Don't see your idea?

Feedback and Knowledge Base