Feedback by UserVoice

Office 365 Security & Compliance

We have partnered with UserVoice, a third-party service and your use of the portal and your submission is subject to the UserVoice Terms of Service & Privacy Policy. Please do not send any novel or patentable ideas, copyrighted materials, samples or demos for which you do not want to grant a license to Microsoft.

Welcome to the Security (Protection) & Compliance UserVoice forum. We’re happy you’re here! If you have suggestions or ideas on how to improve Security or Compliance related features in O365, we’d love to hear them!

How it works
◾Check out the ideas others have suggested and vote on your favorites
◾If you have a suggestion that’s not listed yet, submit your own — 25 words or less, please
◾Include one suggestion per post

Thanks for joining our community and helping improve these features in Office 365!

Need Tech Support? Please see the O365 Community for the product or feature you are having issues with, or open a support ticket through your Office 365 administrator portal.

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. I want to be able to check the details of the log when company information is changed in the audit log.

    監査ログにて、会社情報が変更された際のログの詳細を確認できるようにしたい

    A log is recorded when there is a change in company information in the audit log.
    However, even if you check the details of the log, you cannot check what items were set and how.
    Currently, it is not possible to check what kind of settings have been made when setting user information as well as company information.
    If there are multiple administrators, it is necessary to check which administrator performed what operation, so I think it is necessary to implement this function.

    監査ログにて会社情報の変更があった際にログが記録されています。
    しかし、ログの詳細を確認してもどのような項目がどのように設定がされたかなどを確認することができません。
    現状、会社情報に限らずユーザー情報の設定を行った際にも、どのような設定をされたかどうかなどかを確認することができません。
    管理者が複数いる場合などに、どの管理者がどういった操作を行ったかを確認する必要があるため、本機能の実装が必要です。

    0 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Auditing  ·  Flag idea as inappropriate…  ·  Admin →
  2. Please add more Phishing Templates for Attack Simulator

    Please add additional Phishing Templates, or create a GitHub repository for the community to collaborate on phishing templates. Other solutions have rich libraries so if Microsoft wants to compete with other phishing simulators, it really needs more choices.

    0 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Spam & Phishing  ·  Flag idea as inappropriate…  ·  Admin →
  3. MalwareFilterPolicy: BypassOutboundMessages

    The parameter BypassOutboundMessages should also work in Exchange Online.

    3 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Spam & Phishing  ·  Flag idea as inappropriate…  ·  Admin →
  4. Allow search for all activity by IP

    I would like to search the entire activity log by a specific IP address.

    0 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Auditing  ·  Flag idea as inappropriate…  ·  Admin →
  5. Email Certificate of Destruction

    There is the capability to enable mailbox auditing, which also provides a audit log if a user, or an Exchange admin hard deletes a message. However, this audit log does not capture hard deletes when initiated from a retention policy. I would think this is a critical piece of information any compliance and regulatory department would need in the case of defensibility in a legal situation.

    0 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Auditing  ·  Flag idea as inappropriate…  ·  Admin →
  6. jimenezcuerow@gmail.com

    Wilber jimenez cuero cc#16498830
    jimenezcuerow@gmail.com
    Calle16a #23-63 aranjuez cali valle del cauca colombia

    0 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
  7. The same portal with all alerts (MCAS, S&C, ATP...)

    We have a lot of pages for the alerts. Why haven't a new portal for all alerts? Or better, if i close one alert in one page why not synchronices automatically? We don't like have a lot of pages in the browser (MCAS, Sec. & Com., Win ATP, Azure IPC, etc...). All pages have the same alerts and our customers don't closes the alerts because they have a lot of duplicate work closing the same alert in 2/3 pages.

    For example, Microsoft offers Single Sing On (SSO), this feature is perfect because we have: 1 mail = multiple apps with…

    0 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Advanced Security Management  ·  Flag idea as inappropriate…  ·  Admin →
  8. view pst

    please:
    1) clarify what to input into the fields designed to allow an export into the cloud/Azure (Container URL and SAS Token???)
    2) allow users to give outside counsel “guest” access to review/analyze the results w/o complicated IT steps in between
    3) develop an easier way than manually navigating through so many different PST files post-export.
    4) During the review process, there should be a way to “sort” by subject line etc, and to speed up the “tagging” process
    5) should be a way to create default "tags" that a user can replicate by default for future cases, rather than…

    0 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  eDiscovery  ·  Flag idea as inappropriate…  ·  Admin →
  9. The same portal with all alerts (MCAS, S&C, ATP...)

    We have a lot of pages for the alerts. Why haven't a new portal for all alerts? Or better, if i close one alert in one page why not synchronices automatically? We don't like have a lot of pages in the browser (MCAS, Sec. & Com., Win ATP, Azure IPC, etc...). All pages have the same alerts and our customers don't closes the alerts because they have a lot of duplicate work closing the same alert in 2/3 pages.

    For example, Microsoft offers Single Sing On (SSO), this feature is perfect because we have: 1 mail = multiple apps with…

    0 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Advanced Security Management  ·  Flag idea as inappropriate…  ·  Admin →
  10. analytics

    Advanced eDiscovery - running analytics in the review set often fails where there is a lot of data.
    It would be nice if this could be fixed.

    0 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  eDiscovery  ·  Flag idea as inappropriate…  ·  Admin →
  11. Ability to notify reviewers of pending items in Communication Compliance

    There is no function in Communication Compliance to notify reviewers at some intervals that there are pending items.
    For example, we would like to have the ability to notify a reviewer every week that a pending items needs to be reviewed.

    Communication Compliance has the ability to send alerts using the alert policy (https://docs.microsoft.com/en-us/microsoft-365/compliance/communication-compliance-feature-reference?view=o365-worldwide#alert-policies)
    However, the alert policy generates alerts when thresholds are exceeded.
    This cannot be set to notify reviewers at some intervals.

    0 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Communication Compliance  ·  Flag idea as inappropriate…  ·  Admin →
  12. Attack simulator spear phishing template variables

    In the attack simulator to run a spear phishing attack, the template variables are only username and URL. Adding another variable for email address would be helpful in addition to these as email address is often the user ID for many accounts, so being able to display the email address in the template would further simulate true attacks.

    0 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  13. Refine the mechanism behind the anti-phishing policies.

    We are seeing an incredible amount of emails being filtered for email senders from domains which are only similar to what we have stipulated that we would like to protect.

    This needs to be refined. Similar email domains should not be filtered,

    For example, if within the policy, you specifically state that you want to protect germany.com and then you see hundreds of emails being filtered with a sender address of ababa@newgermany.com , it is not efficiently being acted upon.

    0 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Spam & Phishing  ·  Flag idea as inappropriate…  ·  Admin →
  14. DLP conditions and sensitive info types

    Office 365 DLP must have the option to create the sensitive infotype based on File type extensions and password protected files. also need better conditions like Transport rules do have currently in Exchange online.

    2 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Advanced Security Management  ·  Flag idea as inappropriate…  ·  Admin →
1 2 125 126 127 129 Next →
  • Don't see your idea?

Feedback and Knowledge Base