Feedback by UserVoice

Office 365 Security & Compliance

We have partnered with UserVoice, a third-party service and your use of the portal and your submission is subject to the UserVoice Terms of Service & Privacy Policy. Please do not send any novel or patentable ideas, copyrighted materials, samples or demos for which you do not want to grant a license to Microsoft.

Welcome to the Security (Protection) & Compliance UserVoice forum. We’re happy you’re here! If you have suggestions or ideas on how to improve Security or Compliance related features in O365, we’d love to hear them!

How it works
◾Check out the ideas others have suggested and vote on your favorites
◾If you have a suggestion that’s not listed yet, submit your own — 25 words or less, please
◾Include one suggestion per post

Thanks for joining our community and helping improve these features in Office 365!

Need Tech Support? Please see the O365 Community for the product or feature you are having issues with, or open a support ticket through your Office 365 administrator portal.

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Cloud Application Security - Block Uploads

    It will be great if granular policies such as preventing upload of documents to unsanctioned applications could be created.

    Then Cloud application security would make use of Defender ATP and Network Protection to prevent upload of confidential data.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  2. Attack Simulator - Should use stored users personal information from their accounts, like birthdate, address, phone ETC for accuracy

    Attack Simulator - Should use stored users personal information from their accounts, like birthdate, address, phone ETC for accuracy trying to get their passwords

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Advanced Security Management  ·  Flag idea as inappropriate…  ·  Admin →
  3. Tenant Wide Permission Report across all Site Collections

    I would like the ability to run a permission report against the entire tenant where I can check all site collections (and sub-sites) or specific site collections with an option to include or not include list and libraries. I've found PowerShell scripts to run against a single site collection but not the entire tenant. I need Site Collection address, site address, site owner, user login, and the permission granted,

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Auditing  ·  Flag idea as inappropriate…  ·  Admin →
  4. Teams Microsoft and Skype for Business

    Teams Microsoft and Skype for Business services the rutilite in Security the community Small Business, preservation and Protection on potencial the client in relation the Enterprise for production quality in conformidade the Marketing.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Service Trust Portal  ·  Flag idea as inappropriate…  ·  Admin →
  5. O365 logs shows multiple login entries within a minute. Would could be the reason for such a Behavior

    O365 logs shows multiple login entries within a minute. Would could be the reason for such a Behavior

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Compliance Manager  ·  Flag idea as inappropriate…  ·  Admin →
  6. How about actually sending an email verification. I have tried using this for 5 days and still haven't received a damned thing.

    How about actually sending an email verification. I have tried using this for 5 days and still haven't received a damned thing.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  7. Add OR conditions to spam rules

    Add OR conditions to Spam rules. Currently, if you want to prevent spam, you can only add a rule with AND. This makes each condition less effective. If you get a match on one of them and not the rest, the spam gets through.

    We are getting bombarded with Dropbox phishing scams. They are coming with different TO, FROM, and SUBJECT information. The common factor is that one of those three usually contains the words "dropbox" "sharing" "connect@" or "box". But not always in the same field. And then the exception is the actual domain for dropbox, so that it…

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Spam & Phishing  ·  Flag idea as inappropriate…  ·  Admin →
  8. 1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  9. Get high-quality content writing services- suprams info solution

    Content writing services marketing communication, business writing, Excellent writing skills, must be a strategic thinker, able to develop key positioning, messages and narratives. For more query visit:- https://medium.com/@supramconsulting/creative-content-writing-services-by-suprams-info-solution-9439109daa0c

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Service Trust Portal  ·  Flag idea as inappropriate…  ·  Admin →
  10. Microsoft 365 NIST 800-171 Assessment in Compliance Manager

    Can you add the NIST 800-171 assessment in Compliance Manager for the product Microsoft 365?

    Right now the product list only includes: Azure, Azure Government, Dynamics, Office 365 and Professional Services. No M365 :(

    Thanks!

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Compliance Manager  ·  Flag idea as inappropriate…  ·  Admin →
  11. This is suggestion title

    Here is the description

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Advanced Security Management  ·  Flag idea as inappropriate…  ·  Admin →
  12. found Potential security gap in EOP, Restricted file types gets bypass malware filtering when inserted inside word doc

    Restricted file types gets bypass malware filtering when inserted inside word doc, what is the solution?
    .dll file inserted into word doc is getting bypassed without getting quarantined, however on premise
    Symantec mail security is able to quarantine such scenarios.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Malware  ·  Flag idea as inappropriate…  ·  Admin →
  13. it would be fantastic to have a notification system for article updates

    When an article is updated with useful info, such as what IP addresses that MS sends from externally. it would be nice to have a way to update concerned customers with that info. Otherwise angry customers become my alerting system.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Spam & Phishing  ·  Flag idea as inappropriate…  ·  Admin →
  14. is it possible to Content Search using both date and time

    It seems that there is no option to search for 'Times', just dates.

    This is presuming I have not missed it somewhere, this granularity option when searching I feel would be very beneficial.

    Is there a reason its not included?

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  eDiscovery  ·  Flag idea as inappropriate…  ·  Admin →
  15. Restrict customer network to access specific tenant.

    Due to some SOX audit´s that some customers must meet, we are facing problems to meet the restriction of customer network to be allowed to access specific tenant. Fail to meet this requirement let internal users to be able to connect to any office365 tenant inside customer network. And this is bad for audit´s. Google apps implemented this restriction trough some sort of tagging of headers to be sent to google tenants. https://support.google.com/a/answer/1668854?hl=en

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Auditing  ·  Flag idea as inappropriate…  ·  Admin →
  16. Provide Informational Popup indicating that it's not possible to upload a new APN Certificate when one is already installed.

    Please provide Informational Popup indicating that it's not possible to upload a new APN Certificate when one is already installed. As is, nothing happens when clicking the upload button after browsing and selecting the APN Certificate which led me to believe there was an issue with the "Install Apple Push Notification Certificate" wizard.

    Rather than reinstalling the APN, all I had to do was Renew the currently installed APN on the Apple Push Certificates Portal.

    Had there been a pop-up indicating that an APN already exists, I would've save myself and MS Support team sometime.

    Thanks!

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Compliance Manager  ·  Flag idea as inappropriate…  ·  Admin →
  17. app protection policies: allow the use of fingerprint sensor without the need for a pin-code

    app protection policies: allow the use of fingerprint sensor without the need for a pin-code

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Advanced Security Management  ·  Flag idea as inappropriate…  ·  Admin →
  18. Content Search and restore emails

    The content search needs to be able to included in the 'Recipients and Sender fields" email addresses that don't belong to the O365 domain you are in.

    Instead of the convoluted approach that restoring emails is currently, it would be nice if you could restore emails from the Content Search window itself. This would save time and tech hours in downloading the export and restoring one by one.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  eDiscovery  ·  Flag idea as inappropriate…  ·  Admin →
  19. Add MCAS roles in Azure AD PIM

    Add MCAS roles such as Global Admin Full Access, User group admin available in Azure AD Priviledged Identity Management to enabled Just-in-time access. This would allow secure access to MCAS only using the built in PIM system.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Auditing  ·  Flag idea as inappropriate…  ·  Admin →
  20. MFA - Check the recent sign-in activity

    MFA should be have the same option of the personal accounts.
    On my hotmail account with MFA I have the option to see the logs, "Check the recent sign-in activity".

    Should be have the same option to corporate email address, this way the user can check the lastest entries.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Information Protection  ·  Flag idea as inappropriate…  ·  Admin →
  • Don't see your idea?

Feedback and Knowledge Base