Feedback by UserVoice

Office 365 Security & Compliance

We have partnered with UserVoice, a third-party service and your use of the portal and your submission is subject to the UserVoice Terms of Service & Privacy Policy. Please do not send any novel or patentable ideas, copyrighted materials, samples or demos for which you do not want to grant a license to Microsoft.

Welcome to the Security (Protection) & Compliance UserVoice forum. We’re happy you’re here! If you have suggestions or ideas on how to improve Security or Compliance related features in O365, we’d love to hear them!

How it works
◾Check out the ideas others have suggested and vote on your favorites
◾If you have a suggestion that’s not listed yet, submit your own — 25 words or less, please
◾Include one suggestion per post

Thanks for joining our community and helping improve these features in Office 365!

Need Tech Support? Please see the O365 Community for the product or feature you are having issues with, or open a support ticket through your Office 365 administrator portal.

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. add an unsuppress option for the Office 365 Security and Compliance portal emails.

    add an unsuppress option for the Office 365 Security and Compliance portal emails.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Spam & Phishing  ·  Flag idea as inappropriate…  ·  Admin →
  2. Provide a list of definitions for the activities that populate in the activities column

    Provide a list of definitions for the activities that populate in the activities column of the Audit search under security and compliance

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Auditing  ·  Flag idea as inappropriate…  ·  Admin →
  3. There should be a dedicated mobile app to manage your quarantine and junk mail settings.

    Managing quarantined messages from a mobile device is very difficult. The digest message is unusable from the native IOS mail client. visiting the quarantine site from a mobile phone is non functional. There should be a dedicated app where you can easily manage your messages in the quarantine. Ideally there would be an easy interface to also manage your black and white lists.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Spam & Phishing  ·  Flag idea as inappropriate…  ·  Admin →
  4. Add the ability to display company logo on Legal Hold Memos

    Currently any attempt to include a logo gif, jpeg, png file on Legal Hold Notifications results in an error, "The linked image cannot be displayed. The file may have been moved, renamed, or deleted. Verify that the link points to the correct file and location.” Supporting this ability would make customizing legal hold memos in organizations with multiple brands simpler.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  eDiscovery  ·  Flag idea as inappropriate…  ·  Admin →
  5. Report Message add-in Organizational Automation

    Would like to use Report Message add-in to automate organizational alerting and “immunity” for flagged phishing emails. Ideally, if one user flags an email as malicious, would like to automate heightened alterning for any other users who received the same email or an email from that sender. For example, employee 1 (E1) & employee 2 (E2) both receive the same phishing email. E1 identifies the email as suspicious and flags the email using Report Message Add-in. E2, who has not yet reviewed the email, will have that emailed flagged in their inbox to alert them to use extra caution. I…

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Spam & Phishing  ·  Flag idea as inappropriate…  ·  Admin →
  6. SMTP Auth Clients Report - View Details Table: Add date, senderName, tls_version, tls_cipher, original_client_ip and message_count

    In SMTP Auth Clients Report - View Details Table, it's only showing the Sender Address and Message count. On the other hand, the custom report (CSV file) sent by hitting Request report has the date, senderName, senderDomain, tlsversion, tlscipher, originalclientip, and message_count.

    The problem with the Request report is that it takes so long (hour or more than an hour) before receiving the CSV file.

    Please have this available from the View Details Table without requesting to send the report.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Reports  ·  Flag idea as inappropriate…  ·  Admin →
  7. The deletion does not work despite repeated attempts to report to the IP Delist Portal. IP [145.239.86.74]

    The deletion does not work despite repeated attempts to report to the IP Delist Portal. IP [145.239.86.74]

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  8. quarantine

    Please allow access to the new quarantine page in the S&C (protection.office.com/quarantine) without an EXO license.
    Accessing the new quarantine page without EXO license results in error: request: /api/quarantinemessage/querymessage
    status code: 500. An EXO license isn't required for the quarantine page in the EAC, but it will retire soon.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Spam & Phishing  ·  Flag idea as inappropriate…  ·  Admin →
  9. spoof domain name soundex report

    Report which detect similar domain name registered within o365 to avoid spear phishing attacks. Using Soundex example:
    @mydomain.com would report on new tenant with @myd0main.com - only provide public whois information in report
    Thank you

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Reports  ·  Flag idea as inappropriate…  ·  Admin →
  10. "J" junk and blocking shortcut in Outlook online mail

    Dear Microsoft,
    I would ask that you get rid of the shortcuts that only require 1 key to implement. There is a "J" feature that I have inadvertently used twice to junk and block emails from my boss. An accidental hit of the keyboard and poof, they're gone. Please take this into consideration and either add a "ctrl" or some other feature so as not to accidentally block emails with just the hit of the "J" button.

    Thank you.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  11. Improve International Spam Filtering

    In our troubleshooting with MS to reduce flood of approx.11,500 spam / unsolicited email messages for a particular user, we've implemented International Spam filtering (regional filter). This setting checks to see if the IP address sending the emails are from a specified region.

    We recommend this setting also include blocking the top level domains (TLDs), or at least that verbiage that this is a geolocation type of technology (IP address, etc.) be added (i.e., tool tips, support documentation, etc.).

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Spam & Phishing  ·  Flag idea as inappropriate…  ·  Admin →
  12. O365 Retention Tags - Do not act as per documented on Technet

    Microsoft documentation clearly states a E3 or E5 license is required to enforce retention policies from Office 365 compliance center. I have proven this to not be true and opened a ticket with Microsoft, their response was:

    "While an archive\Retention can technically be applied to a shared mailbox without a license, this is not supported. Since it is not supported to do so, this ability may be removed in the near future."

    a) Either fix the product to do what your documentation states, or change your documentation and support O365 retention policies on non licensed mailboxes.

    b) Do proper QA…

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  13. 1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Reports  ·  Flag idea as inappropriate…  ·  Admin →
  14. Create an Alert for Newly created Document Library

    We would like to setup and Alert when Document library is created by the super users, so IT department can double check the security setting.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Auditing  ·  Flag idea as inappropriate…  ·  Admin →
  15. Allow us to change devices name at [Device Operation] page

    *English follows Japanese

    ■Title(件名):
    [デバイス操作] ページのデバイス名変更機能の実装要望
    Allow us to change devices name at [Device Operation] page


    ■Description(内容):
    現在、Microsoft 365 MDM 機能において、[デバイス操作] ページに表示されるデバイス名を任意に変更することができない。

    どのデバイスであるかを管理することが困難なため、[デバイス操作] ページでのデバイス名の変更機能の実装を要望します。

    I would like to change devices in any name at [Device Operation] page for Microsoft 365 MDM to recognize devices by name for better manageability.

    Thank you for your consideration.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Advanced Security Management  ·  Flag idea as inappropriate…  ·  Admin →
  16. Services OFFICE365

    Guys, this new office365 service portal is much more complicated than the old portal which was much easier
    Removing the security part of Exchange and separating only got worse, and removing the functionality of the old portal is complicating it much more.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Advanced Security Management  ·  Flag idea as inappropriate…  ·  Admin →
  17. Quarantine "Not yet released to" should be near the top of the page

    The "Not yet released to" field would be better near the top of the page instead of at the bottom so you don't have to scroll down to see who the email is going to be released to.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Spam & Phishing  ·  Flag idea as inappropriate…  ·  Admin →
  18. 1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Spam & Phishing  ·  Flag idea as inappropriate…  ·  Admin →
  19. 1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Spam & Phishing  ·  Flag idea as inappropriate…  ·  Admin →
  20. Improve interface of the Intelligent Mailbox protection

    The Office 365 Anti phishing default policy has options for adding users despite the documentation saying that the default applies to all users? This is very confusing.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Spam & Phishing  ·  Flag idea as inappropriate…  ·  Admin →
  • Don't see your idea?

Feedback and Knowledge Base