Feedback by UserVoice

Office 365 Security & Compliance

We have partnered with UserVoice, a third-party service and your use of the portal and your submission is subject to the UserVoice Terms of Service & Privacy Policy. Please do not send any novel or patentable ideas, copyrighted materials, samples or demos for which you do not want to grant a license to Microsoft.

Welcome to the Security (Protection) & Compliance UserVoice forum. We’re happy you’re here! If you have suggestions or ideas on how to improve Security or Compliance related features in O365, we’d love to hear them!

How it works
◾Check out the ideas others have suggested and vote on your favorites
◾If you have a suggestion that’s not listed yet, submit your own — 25 words or less, please
◾Include one suggestion per post

Thanks for joining our community and helping improve these features in Office 365!

Need Tech Support? Please see the O365 Community for the product or feature you are having issues with, or open a support ticket through your Office 365 administrator portal.

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Allow In-Place Archive mailboxes to be deployed automatically for new users

    There is no option in the Set-MailboxPlan to enable In-Place Archive Mailbox for new users by default.
    By enabling an option to do so in Set-MailboxPlan or adding a function to allow organization-wide setting for enabling In-Place Archive, it saves admin's time and work.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Compliance Manager  ·  Flag idea as inappropriate…  ·  Admin →
  2. Viewing attachment filename

    We have Transport rules setup in order to trap any attachments. We then get Notifications forwarded by the recipient, then we check within Exchange Admin Centre, the Quarantine page and when we find the email, we can click on the 'Preview Email Message' and we can see the filename of the attachment. We use this feature just to view the filename - not the contents - just the filename and it's extension, so we can analyze quickly it's potential risk.This feature is now missing in the new Quarantine Page within the 'Security & Compliance Centre' Can this feature be enabled…

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  DLP & Transport Rules  ·  Flag idea as inappropriate…  ·  Admin →
  3. IP Category for public VPNs and Proxies

    Is there was a way that Microsoft can tag the IP addresses which belong to VPN and proxy service providers such as tunnelBear, nordeVPN, ViperVPN,OpenVPN,OperaVPN,etc.

    This will help to increase the security and ease the analysts job functionality when going through logs.

    https://udger.com/resources/ip-list/anonymizingvpnservice
    https://free-proxy-list.net/

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  4. Message trace shows spoofed mail as legitimate

    Please can you enhance the Message trace, spoofed mail will fool your system and show as an internal mail when this is not the case. This leads to incorrect troubleshooting.

    Thanks Bill.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Message Trace  ·  Flag idea as inappropriate…  ·  Admin →
  5. content search to add Number of Recipients is not greater than X number of Recipients

    content search to add Number of Recipients is not greater than X number of Recipients field for teams searches

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  eDiscovery  ·  Flag idea as inappropriate…  ·  Admin →
  6. man in the middle

    Ladies and Gentlemen!

    Our IT security specialists have found out that the login data is transferred in plain text when logging on to Office 365. This enables very simple "Man in the middle" attacks. I found a post in Technet about this topic, which is two years old.
    This should be checked and fixed urgently.
    Link to original post: https://blogs.technet.microsoft.com/latam/2016/12/09/o365sectalken/
    Thank you very much!

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Advanced Security Management  ·  Flag idea as inappropriate…  ·  Admin →
  7. add county to on the ip translate on the auditing security log

    pleas add on the user IP report the county and location of the ip it help to read the log and see if there was attack

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Auditing  ·  Flag idea as inappropriate…  ·  Admin →
  8. Show all activity types in the dropdown box for policies in Advanced Security Management

    When creating or editing a policy, you can only browse down to "Force users..." in the Activity Types drop down selector, but if you know the name of activities further down in the alphabet, you can type them in & find them. You should be able to scroll through all of them so an external reference isn't needed.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Advanced Security Management  ·  Flag idea as inappropriate…  ·  Admin →
  9. In Tracking, kindly provide the feature of subject wise tracking.

    As each day, we get phishing issue and tracking with subject is a need.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Message Trace  ·  Flag idea as inappropriate…  ·  Admin →
  10. Create security alert when someone with a delegated email opens up the email from the "open another mailbox" link in Outlook online

    Create security alert when someone with a delegated email opens up the delegated email from the "open another mailbox" link in Outlook online

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Auditing  ·  Flag idea as inappropriate…  ·  Admin →
  11. Install MsOffice with product key

    Microsoft Office is an applications suite, which accommodates some application package into a suite, called MS Office. Each Office application has a unique purpose to get a specific service to office users.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Advanced Security Management  ·  Flag idea as inappropriate…  ·  Admin →
  12. During eDicovery Export, create an SHA-2 hash for the export file

    During an eDiscovery Export, please create an SHA-2 hash of the export file and publish it along with the download key. This will enable verification that the download was completely successful and ensure that the exported data wasn't modified after export (possibly before being consumed by another litigation system).

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  eDiscovery  ·  Flag idea as inappropriate…  ·  Admin →
  13. Faltan opciones para la realización de búsquedas por contenido

    Desde hace varias semanas hemos venido recibiendo en varios buzones de correo mensajes que incluyen un archivo adjunto de tipo "IMG" (imágenes de disco) el cual a su vez contiene archivos ejecutables. Cuando el usuario abre el archivo adjunto, Windows 10 monta la imagen (crea una unidad de disco en el equipo) y muestra el contenido, el cual al ser abierto infecta el equipo y da inicio a una serie de tareas típicas en casos de malware.
    Días después del inicio de estos mensajes entrantes, encontramos que a través de una de las cuentas receptoras se estaban enviando masivamente mensajes…

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  eDiscovery  ·  Flag idea as inappropriate…  ·  Admin →
  14. 1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Spam & Phishing  ·  Flag idea as inappropriate…  ·  Admin →
  15. Enable starting an extended message trace directly from the result window after running a basic message trace

    Run a basic message trace. Look at the results. If anything looks wrong in the message trace detail, provide an option to run extended trace for that particular message right from the detail page.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Message Trace  ·  Flag idea as inappropriate…  ·  Admin →
  16. 1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Spam & Phishing  ·  Flag idea as inappropriate…  ·  Admin →
  17. I have several wifi networks-Frontier, Dish Direct-I've tested them ad they lead right my. I contacted the FCC about the wide-band License

    HI-I've tried to contact the Gov about this-the FCC took off what they thought was illegal but I cannot see the entire account....I KNOW these are on my device and it's the simplest of fixes I would think? The Comcast debacle took forever to put together and I still think it may be an issue,but they are, well, not good. Any Apache software on my device needs to go-there are so many fraudulent licenses....and I can't do a thing until those wifi providers are off.
    I also see the now-deprecated G+ icon and other Social Media are on several pages…

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Privacy  ·  Flag idea as inappropriate…  ·  Admin →
  18. Enable Administrators to set Spam Senders limit

    Currently the restricted users is set as below;
    30 messages in a minute
    10000 in a day
    or 500 recipients in one email

    it is currently not possible for this to me edited and for many users this is far more leeway than needed - could this be changed to be configured per tenant (ATP or otherwise) or the general limits lowered and this has allowed a spam account to send over 8000 mail messages until we reset the password by staying under 30

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Spam & Phishing  ·  Flag idea as inappropriate…  ·  Admin →
  19. Note known issues in Health Status section as they become known

    Issues like the one that wasted my time today, Messages unable to be released from quarantine through Exchange>Protection menu, for which there is a known issue, should be noted in the health or status section of the admin dashboard.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  20. Please add delivery status separately in one month message trace report

    Please add delivery status separately in one month message trace report

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Message Trace  ·  Flag idea as inappropriate…  ·  Admin →
  • Don't see your idea?

Feedback and Knowledge Base