Office 365 Security & Compliance

We have partnered with UserVoice, a third-party service and your use of the portal and your submission is subject to the UserVoice Terms of Service & Privacy Policy. Please do not send any novel or patentable ideas, copyrighted materials, samples or demos for which you do not want to grant a license to Microsoft.

Welcome to the Security (Protection) & Compliance UserVoice forum. We’re happy you’re here! If you have suggestions or ideas on how to improve Security or Compliance related features in O365, we’d love to hear them!

How it works
◾ Check out the ideas others have suggested and vote on your favorites
◾ If you have a suggestion that’s not listed yet, submit your own (25 words or less, please)
◾ Include one suggestion per post

Thanks for joining our community and helping improve these features in Office 365!

Need Tech Support? Please see the O365 Community for the product or feature you are having issues with, or open a support ticket through your Office 365 administrator portal.

  1. Specify the applied entity in the "Activity Map" on the Cloud App Security dashboard

    "Activity" on the world map might indicate "activities" as defined in the other reports on the dashboard about user activity. However, it seems that the applied entity in the "Activity map" is defined as "active users with any number of activities (including any number of logins) during the specified time interval".
    A clarification about the definition and applied entity on the "Activity map" as well as in the documentation would be helpful and appreciated.

    1 vote
    0 comments  ·  Reports
  2. Provide the option to decrypt emails on the client only

    In the Snowden incident, the government forced Lavabit to provide them with their SSL keys, in order to decrypt their traffic.

    For some clients in financing and government, this risk might not be acceptable.

    Therefore, it should be possible to have an additional encryption layer on top of SSL, where emails are transferred to the client in an encrypted state and can only be decrypted by the client.

    1 vote
    0 comments
  3. Dangerous behaviour of SPAM Whitelist

    If there are multiple senders in the SMTP header, the spam whitelist checks each of these senders, and if one is included, then the message is whitelisted. Sounds good.

    I have received some phishing emails that are whitelisted because the faked sender is in my whitelist.

    MAIL FROM: <wicked@spam.com>
    From: Display Name <good@wellknown.com> <wicked@spam.com>
    (no sender field)

    So, if I have <good@wellknown.com> in my whitelist, the mail would not be checked as spam. The mail, however, is sent from <wicked@spam.com>. It would be displayed as
    Display Name <good@wellknown.com> in Outlook.

    1 vote
    0 comments  ·  Spam & Phishing
  4. Reporting Phishing email/URL with Admin submission

    Admin submission is always completed as Verdict "not junk". However, the emails are 100% phish.

    Either you check the emails carefully, or add an option like "Block similar emails and URLs".

    1 vote
    0 comments  ·  Spam & Phishing
  5. test

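    Currently, when using Microsoft Office 365 services other than the Outlook on the web service, Skype for Business presence information is not displayed in the Office 365 navigation bar.
    In the future, we would like presence to be displayed correctly in all Office 365 services, or to be able to hide presence in all services.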

    1 vote
    0 comments
  6. ATP scanning document dimension limit

    Extend the O365 ATP limit for SharePoint Online documents. Currently O365 ATP supports 25MB documents in scanning with SharePoint Online.

    1 vote
    0 comments  ·  Spam & Phishing
  7. Hacking

    Yes, my ex-husband has signed all my emails up to different things. I only use my email for work. Every time I create a new email he gets into it and changes number and security info and PW. I created 5 in 24 hrs. The thing is, he denies it. He’s also doing identity theft, impersonating people to try to scam me on Gumtree. He’s made himself administrator of my acc and has managed to get into my brand new iPhone, new Apple ID, emails etc. I have my phone locked away in a safe all the time and on Aeroplane mode. Living under same roof until…

    1 vote
    0 comments  ·  Advanced Security Management
  8. Add ability to block Apple Watches as mobile devices to prevent downloads of email

    As of now, a user could have an authorized mobile device (company iPhone or BYOD), with which he/she can get access to email. These devices have encryption and PIN policies via Office 365. These devices are registered and allowed via Office 365. If a user connects an Apple Watch to their iPhone, they can download email and attachments to it. The device is NOT encrypted nor PINed with policies and NOT authorized. Yet it is being allowed. Security risk.

    1 vote
    0 comments  ·  Advanced Security Management
  9. nothing

    nothing

    1 vote
    0 comments  ·  Advanced Security Management
  10. Release Spam notification to user immediately

    We are a financial organisation.
    Transactions are time based. Cannot afford to miss emails.

    The spam notification to users is sent once a day.
    Hence, by the time user receives notification that a message has been quarantined, the action time is breached.

    This can lead to regulatory penalties, litigation, loss of business and brand impact.

    The spam notification should be sent to user as soon as the message is quarantined.

    1 vote
    0 comments  ·  Spam & Phishing
  11. logging

    We need to be able to see the exact modifications made to things like the AllowedSenderDomains content. Right now there is a log generated for the Set-HostedContentFilterPolicy event and it contains the date / time, user, the fact that it was the AllowedSenderDomains content that was changed but it does not tell you what was actually changed. All the message contains is the complete listing of the domains (sort of). The same goes for the removal of any domains in this list. A definitive name of the entry modification is what we really need.

    1 vote
    0 comments  ·  Auditing
  12. Address zero width spaces used in URLs - safelinks phishing

    This article highlights weaknesses in Microsoft Safe Links: https://thehackernews.com/2019/01/phishing-zero-width-spaces.html
    It also states that Microsoft addressed this on 9 January 2019.

    However, testing on 11 Jan, we were able to use zero width spaces within a URL. It appeared that the URL was still being checked by Safe Links, as it goes to "https://apac01.safelinks.protection.outlook.com/?url=https: ... ", but when the HTML source code was viewed it showed that Safe Links data verification failed, and the user was directed to the modified URL which originally had zero width spaces included.

    Can Microsoft please check this?

    1 vote
    0 comments  ·  Spam & Phishing
  13. Approved Third Party Software

    Who can I talk to about adding a new third party provider to the "Archive data with a third-party" list?

    1 vote
    0 comments  ·  Communication Compliance
  14. Stop. You are way out of control. Let us manage our systems.

    Stop doing what you are doing; let our accepted up list and overrides work. You are stopping valid emails and don’t allow them through even when we report them to you. Either stop blocking or allow what we report to you in a timely manner. I have been reporting legitimate emails from the same sender for months and still have to spend hours delivering them manually even though they are on the allowed sender list. Counterproductive.

    1 vote
    0 comments  ·  Spam & Phishing
  15. Add the ability to disable creation of temporary (owner) files or change where they are created

    I understand that the temporary, or Owner files are a useful tool as they allow for the recovery of data if Office programs such as Word, Excel or PowerPoint crash, but in some cases, this actually is a problem. One such case is for audit trails.

    My company has specific files and folders that need the modified date intact, but when opening Office files in these folders, the creation of the Owner file in the same folder when the file is opened and the subsequent removal when the file is closed, even though the file is not modified in any…

    1 vote
    0 comments  ·  Auditing
  16. 2FA integration with other vendors

    Many cloud/on-prem software vendors are setting up 2FA or enabling this for their customers. For some it is a breeze to set up, for others a proper nightmare, as you have to work on their system, then back to AD, then back to their system, and sometimes it does not work, and when a user changes in their system AD does not know about it, and vice versa. IMHO it would be better, just like you do with device drivers, to have all vendors' 2FA integration process simplified/automated as much as possible such that once user logs into AD they are presented…

    1 vote
    0 comments
  17. Separate user account and product information logins

    In newer versions of MS Office 365, user account and product information logins have been merged into one. Before they were separate, allowing a user to be logged out while still recognizing the product license, and thereby providing greater user privacy and security. A user that does not want to use additional features such as OneDrive should not have to be logged in at all times. Please separate these two logins again, making user account login optional and separate from product information login, which simply verifies the license. This option was available in earlier builds such as Build 8528.2147 Click-to-run.

    1 vote
    0 comments  ·  Privacy
  18. 1 vote
    0 comments  ·  Service Trust Portal
  19. ediscovery

    The eDiscovery doesn't pull up the right search results for all emails between a time interval with specific recipients and senders.

    1 vote
    0 comments  ·  eDiscovery
  20. Add guidance for Mac users on how to encrypt for InTune compliance

    Add guidance (or link to Apple guidance) for users who are prompted to encrypt their Mac to comply with InTune device management. Currently users are told to encrypt, then linked to a page with no information on how to do this.

    1 vote
    0 comments