Feedback by UserVoice

Office 365 Security & Compliance

We have partnered with UserVoice, a third-party service and your use of the portal and your submission is subject to the UserVoice Terms of Service & Privacy Policy. Please do not send any novel or patentable ideas, copyrighted materials, samples or demos for which you do not want to grant a license to Microsoft.

Welcome to the Security (Protection) & Compliance UserVoice forum. We’re happy you’re here! If you have suggestions or ideas on how to improve Security or Compliance related features in O365, we’d love to hear them!

How it works
◾Check out the ideas others have suggested and vote on your favorites
◾If you have a suggestion that’s not listed yet, submit your own — 25 words or less, please
◾Include one suggestion per post

Thanks for joining our community and helping improve these features in Office 365!

Need Tech Support? Please see the O365 Community for the product or feature you are having issues with, or open a support ticket through your Office 365 administrator portal.

How can we improve compliance or protect your users better in Office 365?

You've used all your votes and won't be able to post a new idea, but you can still search and comment on existing ideas.

There are two ways to get more votes:

  • When an admin closes an idea you've voted on, you'll get your votes back from that idea.
  • You can remove your votes from an open idea you support.
  • To see ideas you have already voted on, select the "My feedback" filter and select "My open ideas".
(thinking…)

Enter your idea and we'll search to see if someone has already suggested it.

If a similar idea already exists, you can support and comment on it.

If it doesn't exist, you can post your idea so others can support it.

Enter your idea and we'll search to see if someone has already suggested it.

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Disable the new enhanced anti-spoof capability in Office 365 ATP

    Microsoft enhanced anti-spoof capabilities for Office 365. This new feature is responsible for automatic junking of a message if it fails implicit authentication. The limitation that now have is that we only can use policies to customize the actions and additionally block or allow specific senders based on their authentication status. Want to have have the ability to disable this (enhanced anti-spoofing) feature.

    1 vote
    Vote
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Spam & Phishing  ·  Flag idea as inappropriate…  ·  Admin →
  2. My word document was removed because the note said a visa letter has to come from the country I was sending it to but they were wrong I was

    My word document was removed because the note said a visa letter has to come from the country I was sending it to but they were wrong I was sending the visa to Sierra Leone to invite to the USA from Sierra Leone to my country USA The note said they also had a problem with content because this is a visa invitation letter ....HELP DOES ANYONE HAVE CONTACT

    1 vote
    Vote
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  3. MFA audit logs

    Would like the ability to see the MFA audit logs. To be able to see when a multi-factor was triggered to verify that it was requested and given for security purposes. This would validate if a user knowingly let him/herself be open to attacks.

    1 vote
    Vote
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Auditing  ·  Flag idea as inappropriate…  ·  Admin →
  4. Retention policies to cover only the In-Place Archive mailboxes

    Adding retention policies to cover only the In-Place Archive mailboxes and not the main mailbox.

    1 vote
    Vote
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  eDiscovery  ·  Flag idea as inappropriate…  ·  Admin →
  5. Put ALL in the drop down feature on the new spam filter page

    since you broke down all the different types of mail in the quarantine now, can you just add an ALL drop so users can see all blocked email instead of clicking on each category of message. -

    1 vote
    Vote
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Spam & Phishing  ·  Flag idea as inappropriate…  ·  Admin →
  6. Fix the Audit Log export to download

    The Export Results -> Download all results functionality and spreadsheet that is created needs to be fixed.
    The log entries stuff under "Audit Data" do not seem to have similar data columns and it needs to.
    When you export it, you get an audit log.csv with the following headers:
    CreationDate UserIds Operations AuditData
    The Auditdata is just a huge mess of what looks like should be another CSV. Extracting this and trying to turn into a CSV based on commas results in some rows clearly having different data than others.
    It is impossible to nicely go through these logs to…

    1 vote
    Vote
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Auditing  ·  Flag idea as inappropriate…  ·  Admin →
  7. 1 vote
    Vote
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Privacy  ·  Flag idea as inappropriate…  ·  Admin →
  8. Prevent Exchange DLP Scanning SharePoint DLP Notifications

    When implementing DLP we found that Exchange DLP would scan SharePoint DLP notifications and leak information out to no-reply@sharepointonline.com.

    As a workaround we have excluded out reporting mailbox from DLP, however it would be better if this these notifications were not scanned.

    1 vote
    Vote
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  DLP & Transport Rules  ·  Flag idea as inappropriate…  ·  Admin →
  9. ASM notification e-mail with broken images

    Advanced Security Management notifications coming from Office365Alerts@microsoft.com have broken links to header image. It will not get displayed in Outlook.

    1 vote
    Vote
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Advanced Security Management  ·  Flag idea as inappropriate…  ·  Admin →
  10. Bugfix: Creating an eDiscovery Case with Edge

    When creating an eDiscovery case using Microsoft Edge and adding a search including a date range criteria, the case gets corrupted. The System locale was set to German, but that should not matter.

    1 vote
    Vote
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  eDiscovery  ·  Flag idea as inappropriate…  ·  Admin →
  11. I'm really frustrated that there seems to be no way to turn off this safe links blocking feature in Outlook. I was using a trusted, safe lin

    Really frustrated that there seems to be no way to turn off this safe links blocking feature in Outlook. I was using a trusted, safe link and I was forced to wait for 3 minutes for them to check the link. Shouldn't we as the users have the ability to choose for ourselves whether we want such delays while working?

    1 vote
    Vote
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  12. Support staff must be far more cognizant of security and protecting their clients resources

    The staff I speak with continue to ask me to elevate users to resources they should not otherwise have.
    The support staff should be provided with additional security training to understand conventional access control methodology; RBAC, DAC, MAC are all methodologies which various consumers MAY be utilizing, and the requests made should be compliant with the model in use; They should not repeatedly ask to provide access to user A for group B, it wastes a great deal of time, and time is money, in particular as there are a variety of competitive products for online documentation.

    1 vote
    Vote
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Advanced Security Management  ·  Flag idea as inappropriate…  ·  Admin →
  13. Is Audit log User signed in to mailbox broken, I got a result for one mailbox in a 4 hrs workshift of 262 logins?!

    Is Audit log "User signed in to mailbox" broken, I got a result for one mailbox in a 4 hrs workshift of 262 logins?!

    1 vote
    Vote
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    2 comments  ·  Auditing  ·  Flag idea as inappropriate…  ·  Admin →
  14. Can Service Trust Portal support IE11 soon?

    It would be nice that Service Trust Portal will support IE11 soon!

    1 vote
    Vote
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Service Trust Portal  ·  Flag idea as inappropriate…  ·  Admin →
  15. When an email from an external sender is sent to hosted quarantine for any reason (i.e. attachment type), notify the sender with reason.

    We have a transport rule that moves external email with specific attachment types to hosted quarantine - so we can release them if we need to. We would like to be able to send replies to the sender - asking them to consider re-submitting their email with an acceptable document type such as PDF.
    We could do this if we simply blocked the message altogether, but the idea of hosted quarantine is that we can review and release if it is necessary, without involving the original sender.

    1 vote
    Vote
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Malware  ·  Flag idea as inappropriate…  ·  Admin →
  16. 1 vote
    Vote
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  17. Allow Export of folders for user instead of search in Security and Compliance.

    Allow Export of folders for user instead of search in Security and Compliance.

    1 vote
    Vote
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  18. DLP notifications webhook

    DLP Alerts should also have webhook capability and not just email.

    1 vote
    Vote
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  DLP & Transport Rules  ·  Flag idea as inappropriate…  ·  Admin →
  19. Custom sensitive information type - Allow minimum count for regex

    The GUI does not allow the minimum count for regex, only keywords. By allowing minimum count for Regex. This is to ensure eDiscovery search cases provide the same response as DLP policies.

    1 vote
    Vote
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  DLP & Transport Rules  ·  Flag idea as inappropriate…  ·  Admin →
  20. UI: please add an export button at the end of the controls

    Please add another "Export to Excel" button at the end of the controls page.
    It usually makes me first scrolling down - recognizing that the button is not there - and scrolling all the way back to the top. Just doublicate the button!
    Thanks!

    1 vote
    Vote
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Compliance Manager  ·  Flag idea as inappropriate…  ·  Admin →
  • Don't see your idea?

Feedback and Knowledge Base