Feedback by UserVoice

Office 365 Security & Compliance

We have partnered with UserVoice, a third-party service and your use of the portal and your submission is subject to the UserVoice Terms of Service & Privacy Policy. Please do not send any novel or patentable ideas, copyrighted materials, samples or demos for which you do not want to grant a license to Microsoft.

Welcome to the Security (Protection) & Compliance UserVoice forum. We’re happy you’re here! If you have suggestions or ideas on how to improve Security or Compliance related features in O365, we’d love to hear them!

How it works
◾Check out the ideas others have suggested and vote on your favorites
◾If you have a suggestion that’s not listed yet, submit your own — 25 words or less, please
◾Include one suggestion per post

Thanks for joining our community and helping improve these features in Office 365!

Need Tech Support? Please see the O365 Community for the product or feature you are having issues with, or open a support ticket through your Office 365 administrator portal.

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. 1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Spam & Phishing  ·  Flag idea as inappropriate…  ·  Admin →
  2. If you share files uploaded to OneDrive with external users, DLP will not detect them.

    If you share files uploaded to OneDrive with external users, DLP will not detect them.

    Upload the Contents file containing Sensitive Data to OneDrive.
    DLP will not detect sharing with external users.

    OneDrive's sharing function is a basic function that users use very naturally, such as attaching a file to their email.

    If Sensitive Data included Content is delivered to external users using OneDrive sharing function, DLP will request modification so that it can be detected.

    The only way to detect this now.
    1. Record file information with Sensitive Data in DLP Events
    2. Check if recorded file is an…

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  DLP & Transport Rules  ·  Flag idea as inappropriate…  ·  Admin →
  3. 1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Spam & Phishing  ·  Flag idea as inappropriate…  ·  Admin →
  4. Improve interface of the Intelligent Mailbox protection

    The Office 365 Anti phishing default policy has options for adding users despite the documentation saying that the default applies to all users? This is very confusing.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Spam & Phishing  ·  Flag idea as inappropriate…  ·  Admin →
  5. Allow NIST 800-53 baseline implementation (low/moderate/high)

    A filtering option to apply NIST 800-53 controls for a low/moderate/high baseline should be applied.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Compliance Manager  ·  Flag idea as inappropriate…  ·  Admin →
  6. Make the effect of actions in EOP quarantining of messages clearer.

    Currently it is not clear from the guidance supplied whether Remove From Quarantine will then let a user read the email in their inbox or whether it will result in the email being deleted. Hence, it is unclear which action a user should select between Remove From Quarantine or Release Message. Better distinction is needed to enable users to be able to make the correct choice, especially when they are happy about a sender so want to read the email.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Advanced Security Management  ·  Flag idea as inappropriate…  ·  Admin →
  7. re synchronize sharepoint user without needing to delete account from the active directory

    Currently, the user account can not be refiled from the sharepoint without deleting the active directory account in some cases.
    It is necessary that it can be done when there are users who have problems in sharepoint.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Advanced Security Management  ·  Flag idea as inappropriate…  ·  Admin →
  8. Stop asking me to connect my computer to the internet regularly to verify my office 365 account. This is very annoying. You only need once.

    Because my account has already been verified when I activate my office 365. It is not necessary to do this time and time again. I do not want to connect my computer to the internet. This is very annoying,

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Privacy  ·  Flag idea as inappropriate…  ·  Admin →
  9. Use wildcards in Device User Agent quarantine rules

    It would be good to be able to use wildcards to test Device User Agents in mobile quarantine policies.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  10. Block file transfer that is in progress to OneDrive

    WE do not want users to bulk transfer files from on premise shared storage to individual OneDrive storage.

    Please include the following capabilities:
    1) Audit log entry for number of files and size of file transfers
    2) Notification to admins if file transfers exceed a user selected setting on # of files and on file size
    3) Ability for admins to stop file transfers, if required.

    One justification: If a person is on legal hold, any files uploaded to OneDrive will be there permanently, although inaccessible to the user. Files that contain confidential or sensitive information cannot be deleted, increasing…

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Advanced Security Management  ·  Flag idea as inappropriate…  ·  Admin →
  11. To recall and replace a message

    hi,

    OWA web in we want to To recall and replace a message function example Click Delete unread copies of this message or Delete unread copies and replace with a new message, and then click OK.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Message Encryption & Rights Management  ·  Flag idea as inappropriate…  ·  Admin →
  12. 1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  eDiscovery  ·  Flag idea as inappropriate…  ·  Admin →
  13. Enable 2FA on Outlook

    It is simple - get rid of the whole "app password" scheme for Outlook and Skype and enable real, honest-to-goodness 2FA for those apps!
    I am astonished this still has not been done.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Advanced Security Management  ·  Flag idea as inappropriate…  ·  Admin →
  14. 1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  15. eDiscovery Search Name Gives Error if Duplicated

    If the error message to say - This name has alreaady been used could be amended to say which case it can be located in.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  eDiscovery  ·  Flag idea as inappropriate…  ·  Admin →
  16. Multi Factor Authentication and App Passwords cannot be deployed in my organization.

    We are an IT department of 6 that support 1,235 end users. We recently had a handful of users click an illicit link and had their O365 accounts hijacked by an unknown 3rd party. The simple answer to this problem is to enable Multi-Factor-Authentication. Our end users do not have the patients nor the technical knowledge to even consider using App-Passwords. They can barely keep track of one password let alone a different password for every device they own. We NEED multi-factor-authentication but training end users, making them use app-passwords, maintaining current hardware and devices, and adding future devices is…

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    4 comments  ·  Spam & Phishing  ·  Flag idea as inappropriate…  ·  Admin →
  17. Excel 2013 crashes again and again.

    It will has no response suddenly, I have to restart again and again. All your programmer are from Indian? Can't provide a stable office? ****!

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  18. install 365 on my laptop, it is hook-up to the internet

    I need to make this laptop Power point work for Hurricane training. your assistance

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  19. Linking GLBA

    Consider adding the GLBA FTC guidance to the bank of documents that you list under the GDPR window. Existing clients in financial services have existing challenges under the GLBA. If that's already done, please disregard this.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Compliance Manager  ·  Flag idea as inappropriate…  ·  Admin →
  20. 1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  • Don't see your idea?

Feedback and Knowledge Base