Feedback by UserVoice

Office 365 Security & Compliance

We have partnered with UserVoice, a third-party service and your use of the portal and your submission is subject to the UserVoice Terms of Service & Privacy Policy. Please do not send any novel or patentable ideas, copyrighted materials, samples or demos for which you do not want to grant a license to Microsoft.

Welcome to the Security (Protection) & Compliance UserVoice forum. We’re happy you’re here! If you have suggestions or ideas on how to improve Security or Compliance related features in O365, we’d love to hear them!

How it works
◾Check out the ideas others have suggested and vote on your favorites
◾If you have a suggestion that’s not listed yet, submit your own — 25 words or less, please
◾Include one suggestion per post

Thanks for joining our community and helping improve these features in Office 365!

Need Tech Support? Please see the O365 Community for the product or feature you are having issues with, or open a support ticket through your Office 365 administrator portal.

How can we improve compliance or protect your users better in Office 365?

You've used all your votes and won't be able to post a new idea, but you can still search and comment on existing ideas.

There are two ways to get more votes:

  • When an admin closes an idea you've voted on, you'll get your votes back from that idea.
  • You can remove your votes from an open idea you support.
  • To see ideas you have already voted on, select the "My feedback" filter and select "My open ideas".
(thinking…)

Enter your idea and we'll search to see if someone has already suggested it.

If a similar idea already exists, you can support and comment on it.

If it doesn't exist, you can post your idea so others can support it.

Enter your idea and we'll search to see if someone has already suggested it.

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Office 365 does not warn that the password has 7 days to complete.

    Office 365 does not warn that the password has 7 days to complete.The warning window says it's coming but there's no warning. I have 30 users and it gives no warning.

    1 vote
    Vote
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Reports  ·  Flag idea as inappropriate…  ·  Admin →
  2. We need to know the IP address of the user who makes a rule on his mailbox

    We need to know the IP address of the user who made the rule on a user mailbox since this action is usually triggered by an abuser who compromised a user mailbox

    1 vote
    Vote
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Auditing  ·  Flag idea as inappropriate…  ·  Admin →
  3. Access to CRM should be controllable through Intune (MDM) or, better, like Exchange does.

    Access to CRM should be controllable through Intune (MDM) or, perhaps even better, like Exchange does.

    We need to monitor and controll which devices are allowed for using CRM, and we want to force password and lock-time settings when installing the CRM app.

    1 vote
    Vote
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Advanced Security Management  ·  Flag idea as inappropriate…  ·  Admin →
  4. How about you use SPF records to verify the validity of a mail server like the rest of the industry?

    We moved our client to a new internet connection and changed their MCX and SPF records accordingly (both records had a TTL of 60 seconds). 3 hours later, they told us O365 was blocking them. Check of industry blacklists and SPF Validity tests indicated noone else had a problem receiving their mail, it was just O365 being *special*

    1 vote
    Vote
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Spam & Phishing  ·  Flag idea as inappropriate…  ·  Admin →
  5. Security & Compliance Center - Add role to role group via powershell

    Security & Compliance Center - Add role to existing role group via powershell

    1 vote
    Vote
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  6. New-ComplianceSearch should have a flag to ignore invalid locations

    When we have built a list of recipients and fed them to New-ComplianceSearch it will report on invalid locations and not create the search. It would save time if we could pass a flag telling it to ignore invalid locations.

    1 vote
    Vote
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  7. MFA for OME

    Allow MFA instead of OTP in Emails. If a users email account is highjacked, the OTP is nearly useless. With MFA instead of OTP it would increase the security a lot.

    1 vote
    Vote
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  8. Adding Message Sent and Messages Marked As Unread events types

    Are there any plans to add Message Sent and \or Messages Marked As Unread events types for Exchange Online in the near future? Not including these event types in the O365 audit trail makes it difficult to monitor for certain suspicious activities.

    1 vote
    Vote
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Auditing  ·  Flag idea as inappropriate…  ·  Admin →
  9. Add other products to service trust portal

    As a CEO of a UK SME Microsoft Gold Dev Partner, we are like all SME's overwhelmed by GDPR and other compliance needs. The Service Trust Portal is Excellent. But only covers office 365 and Azure. I wouldnt expect microsoft to assess or be responsible for 3rd party products but, the system is lovely and easy to use so, it would be great if:
    1. There were API's or other extensions we could use to develop our own "plugin" to the trust centre so that we could allow our customers to manage GDPR for our application in the same way…

    1 vote
    Vote
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Service Trust Portal  ·  Flag idea as inappropriate…  ·  Admin →
  10. threat management explorer filter per internal domain

    threat management explorer filter for internal distribution analysis is per recipient - would be easier to define per recipient domain.

    1 vote
    Vote
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Reports  ·  Flag idea as inappropriate…  ·  Admin →
  11. Supervion email report results are slow to update in Security and Compliance portal

    Email supervision documentation suggests the supervisory email report is way to view "live" activity. The report is very slow to include new activity - a minimum of 24 hours and even longer seems to be the norm.

    1 vote
    Vote
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  12. Allow E-Discovery for Exchange Online Archiving

    We are at the moment in a hybrid scenario where part of our users have their mailboxes on premise and the archives in Office 365. Recently we noticed that we do not have any option for actually exporting the Exchange Online Archive contents to a pst, outside of doing it from Outlook (we are in a Citrix environment and users are located in different countries so that would not be easy).
    It would be great if we had an option to search/export the archive contents for hosted archives.

    1 vote
    Vote
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  eDiscovery  ·  Flag idea as inappropriate…  ·  Admin →
  13. How do I get admin rights on my PC: I cant even access this portal and this is my personal PC https://portal.microsoftonline.com/.

    Please can someone contact me to help me get admin rights to my personal PC. Cant even log on to this portal and I own office 365?

    https://portal.microsoftonline.com/.

    can someone please help

    1 vote
    Vote
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Advanced Security Management  ·  Flag idea as inappropriate…  ·  Admin →
  14. Delay in DLP admin alert mail.

    Delay in DLP admin alert mail which is coming from office365lerts@microsoft.com. Delay time is 10 to 30 min.

    1 vote
    Vote
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  DLP & Transport Rules  ·  Flag idea as inappropriate…  ·  Admin →
  15. Auto-run queries and auto-save files

    Allow specified queries to run at a pre-determined time every day and send an email notification if there are any hits on the word search. And, automatically save an audit file to a specific drive.

    1 vote
    Vote
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  eDiscovery  ·  Flag idea as inappropriate…  ·  Admin →
  16. Multi-cloud support for Microsoft 365 PAM

    Support for non-Office 365 and other cloud service providers through privileged access management in Microsoft 365 (e.g. Salesforce, Dynamics, SAP, Service Now etc.)

    1 vote
    Vote
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  17. Journal unencrypted messages in original format when JournalReportDecryptionEnabled is set to true

    Currently when JournalReportDecryptionEnabled is set to true, the archive mailbox gets an unencrypted message with a winmail.dat attachment. The winmail.dat attachment contains the original unencrypted message.
    Instead, it would be much more desirable to simply journal the original message in unencrypted format.
    For FINRA (and possibly other agencies) regulated organizations, this is required so that the journaling provider is able to properly index and search journaled messages.
    This is causing us to have to use a 3rd party product for message encryption and we'd love to be able to keep that all on Office 365 instead.

    1 vote
    Vote
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  18. Advanced Threat Protection and Safe Links

    We had an email with a link that was pointing to web page with multiple link, none of them safe. One of the Phishing URL brought up a spurious Microsoft Office login page. The Safe Link process of ATP failed to stop this email which was delivered as safe. Safe URL scanning should check everything, going as deep as needed to check for possible threats.

    1 vote
    Vote
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Advanced Security Management  ·  Flag idea as inappropriate…  ·  Admin →
  19. Add PCI DSS as an assessment to be performed

    It would be nice to have PCI DSS as an option to track in security and compliance (mainly having microsoft respond to the service provider controls and then I can complete the customer required contols).

    1 vote
    Vote
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  20. Automatically prompt to install .NET Framework 4.7 when the new eDiscovery Tool is prompted to download

    I shouldn't have to have to hunt for a separate installation of .NET 4.7 when our users have to download a new version of eDiscovery. It should automatically install with the tool if not installed.

    1 vote
    Vote
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  eDiscovery  ·  Flag idea as inappropriate…  ·  Admin →
  • Don't see your idea?

Feedback and Knowledge Base