Feedback by UserVoice

Office 365 Security & Compliance

We have partnered with UserVoice, a third-party service and your use of the portal and your submission is subject to the UserVoice Terms of Service & Privacy Policy. Please do not send any novel or patentable ideas, copyrighted materials, samples or demos for which you do not want to grant a license to Microsoft.

Welcome to the Security (Protection) & Compliance UserVoice forum. We’re happy you’re here! If you have suggestions or ideas on how to improve Security or Compliance related features in O365, we’d love to hear them!

How it works
◾Check out the ideas others have suggested and vote on your favorites
◾If you have a suggestion that’s not listed yet, submit your own — 25 words or less, please
◾Include one suggestion per post

Thanks for joining our community and helping improve these features in Office 365!

Need Tech Support? Please see the O365 Community for the product or feature you are having issues with, or open a support ticket through your Office 365 administrator portal.

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Allow powershell scripting in Advanced eDiscovery

    I have scripted out the entire eDiscovery process in E3 eDiscovery which allowed us to save time and money, and repeat searches with minor variations very easily. With Advanced eDiscovery, I am unable to do so. Please add powershell scripting support (or provide the documentation) so we can streamline our collection and export processes.

    220 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    3 comments  ·  eDiscovery  ·  Flag idea as inappropriate…  ·  Admin →
  2. Support Brand Indicators for Message Identification (BIMI) for better brand recognition and user sender awareness

    today EOP/EXO supports Microsoft’s Business Profile Program to show logos for verified sender. Please add support for BIMI as an industry wide standard for displaying logos. Good explanation can be found here. https://office365itpros.com/2018/12/06/email-company-logos-office365/

    218 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    2 comments  ·  Flag idea as inappropriate…  ·  Admin →
  3. Admin Notifications for Zero Hour Auto Purge (ZAP) actions.

    Need to have notification to Admins when ZAP takes an action on email.
    1) Need to know what was found and deleted
    2) Even more importantly, need to know what was found and WAS NOT deleted since it had already been read.

    218 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    8 comments  ·  Malware  ·  Flag idea as inappropriate…  ·  Admin →
  4. Quarantine notifications, but no release functionalility

    Quarantine notifications, but no release functionality.
    We have currently setup the Spam quarantine notification messages for our employees. When they receive such an alert message, the users are able to release the captured messages. We would like to have the Quarantine alerts message to stay in place, but want to prevent end-users to release the messages. We want to force a 'second opinion' flow in between, to delegate this task to the Hygiene administrators. In such a configuration employees shouldn't be able to open the Quarantine URL either. Unfortunately we see some users are not able to see the difference…

    209 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    Available in PREVIEW  ·  9 comments  ·  Spam & Phishing  ·  Flag idea as inappropriate…  ·  Admin →
  5. Certificate of Destruction

    When applying the new unified retention policies across Office 365, and you have configured the policy to delete content after a specified period of time, is there any provisions for a review/approval process and/or a 'certificate of destruction' as an audit of what was deleted? This is a standard requirement for many Information Management teams as Courts of law look for prior review and approval for disposed content if called upon.

    208 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    5 comments  ·  Flag idea as inappropriate…  ·  Admin →
  6. More Than 8-Character Minimum Password Requirement

    Allow for the current 8-character minimum requirement to be changed to something longer (i.e. – 10 or 12). Allowing for an 8-character minimum password length ensures mostly that.

    Changing character density from 8 to 10 characters increases offline resilience from less than a day to almost two (2) decades, and 12 characters to over a thousand centuries [ref: Gibson research Center’s ‘Haystack’ page - https://www.grc.com/haystack.htm ].

    Allowing administrators the option of lifting this minimum not only forces users to create potentially more secure passwords, but also allows them to use them longer without needing to change them… potentially until there…

    204 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    11 comments  ·  Advanced Security Management  ·  Flag idea as inappropriate…  ·  Admin →
  7. MessageBind

    The action of when a message was viewed in the preview pane or opened by the owner of the mailbox is not logged by mailbox audit logging.
    Please have the "MessageBind" action logged for the owner.

    199 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    15 comments  ·  Auditing  ·  Flag idea as inappropriate…  ·  Admin →
  8. Fix Advanced Threat Protection Attachment Scan When Email Is Auto-Forwarded

    Currently ATP fails to release an attachment (continually displays ATP Scan in Progress in place of actual attachment) when the email with the "stuck" attachment has been auto-forwarded by a user with an Out-of-Office rule in place within the same email domain. Strangely, the email attachment is scanned just fine from the auto-forwarding recipient and can be manually forwarded to any recipient, but if it's auto-forwarded, the attachment stays stuck in an never displays as available. This has been reported to MS Support who attempted a work-around (which failed) Office 365 Ticket #30126-5487056 .

    194 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    20 comments  ·  Advanced Security Management  ·  Flag idea as inappropriate…  ·  Admin →
  9. Increase or release the limit for the policy with specific inclusions or exclusions

    I would request you to increase or release the limit on the number of mailboxes for the retention policy with specific inclusions or exclusions. When we create a policy with specific inclusions or exclusions for the retention policy in SCC, we can apply the policy up to 1,000 mailboxes. However, this limit would be a big burden for enterprises in terms of the tenant management as they have a huge number of users.
    Referenced the article below, https://docs.microsoft.com/en-us/microsoft-365/compliance/retention-policies?view=o365-worldwide#a-policy-with-specific-inclusions-or-exclusions

    196 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    14 comments  ·  Advanced Security Management  ·  Flag idea as inappropriate…  ·  Admin →
  10. Email notification of Quarantined Emails for Admins

    In addition to the below feature, quarantine should have an email notification for Admins (option or to be enabled) so that they can review and can release or delete accordingly via a link that is included in the email. Cannot rely on end user to release...

    ————-
    Share: Updated feature: Email quarantine capabilities

    192 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    in the plans  ·  11 comments  ·  Advanced Security Management  ·  Flag idea as inappropriate…  ·  Admin →
  11. Enable geofencing in Office365

    Enabling geofencing will be a good option to prevent access from different parts of the world.

    192 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    7 comments  ·  Advanced Security Management  ·  Flag idea as inappropriate…  ·  Admin →
  12. New function proporsal : Coping eDiscovery result to Discovery mailbox operation from S/C center.

    Operations from sc center that Copy eDiscovery search results to a discovery mailbox would be very useful.

    This operation is available only in Exchange Management Center.
    but we want to implement this operation in SC center too. Please consider this function.

    187 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    17 comments  ·  eDiscovery  ·  Flag idea as inappropriate…  ·  Admin →

    We now offer more simplified way to review content in Advanced eDiscovery. Please review documentation here:

    Review sets in Advanced eDiscovery (v2.0)

    https://docs.microsoft.com/en-us/microsoft-365/compliance/view-documents-in-review-set?view=o365-worldwide

    Note that the In-Place eDiscovery and Holds cmdlets in the EAC are now retired:

    https://docs.microsoft.com/en-us/microsoft-365/compliance/legacy-ediscovery-retirement?view=o365-worldwide

    We recommend considering the new review tool in Advanced eDiscovery.

  13. report message additional mailbox

    The Report Message add in is great, but there is a limitation around not supporting additional mailboxes (shared\functional). Would be great if this add-in could support additional mailboxes as well as the primary mailbox.

    177 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    8 comments  ·  Spam & Phishing  ·  Flag idea as inappropriate…  ·  Admin →
  14. Fix the Unusual Volume of File Deletion Alert

    Our Office 365 tenant is generating 20+ of these alerts to our admins every day and every time we investigate, it is always the same story, the user is cleaning out old files or moving them from OneDrive to SharePoint. This alert needs some serious attention or organizations affected will just disable it.

    173 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    9 comments  ·  Advanced Security Management  ·  Flag idea as inappropriate…  ·  Admin →
  15. Increase security for MFA App Passwords – ‘flaw in security’

    There are a few security issues with App Passwords while using MFA. The security around App Passwords needs to be strengthened.
    First, App Passwords of all Alpha lower case is not as secure as the current passwords policies our users are using. By enabling MFA, our clients and users are complaining about the strength of the App Password.
    Second, App Passwords that can be re-used are lessening the password security of user accounts. This allows users to copy/paste or write down the password to be used again and again.
    Suggestions.
    - Increase the complexity of the App Password (upper case,…

    169 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    6 comments  ·  Advanced Security Management  ·  Flag idea as inappropriate…  ·  Admin →
  16. Audit report showing encrypted messages sent

    Messages are encrypted automatically according to rules. However, there is no way to confirm for audit purposes that a message was actually encrypted.

    169 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    13 comments  ·  Reports  ·  Flag idea as inappropriate…  ·  Admin →
  17. Mailbox Auditing enabled by default

    We would like to have mailbox auditing enabled by default for all mailboxes in Office 365. We should not have to manually enable for new users as they are added (via PS). Can we not have a way of enabling this for all mailboxes on the tenant?

    164 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    5 comments  ·  Auditing  ·  Flag idea as inappropriate…  ·  Admin →
  18. Add multiple wildcard options to message trace capabilities

    Please allow for the ability to use get-messagetrace in combination with multiple wildcard scenarios. For instance, if I want to see @.co.uk via a PowerShell query.

    Example script
    $mystart = (Get-Date).addhours(-72)
    $myend = Get-Date
    Get-MessageTrace -StartDate $mystart -EndDate $myend | where {$_.senderaddress -like "@.co.uk"}

    This information use to be available with the ForeFront for Exchange on-prem solution and is still available with the Exchange on-prem Get-MessageTrackingLog function currently.

    160 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    3 comments  ·  Message Trace  ·  Flag idea as inappropriate…  ·  Admin →
  19. More details in message trace (client type and message class)

    On on-prem exchange servers, there are valuable information that are showing what client was used to send a message or meeting (like AirSync or MOMT, etc.), and Message Class (like IPM.Note or IPM.Schedule.Meeting.Request, etc.).
    This has proven to be valuable in determining some mailflow issues and would also be valuable information in Office 365 message trace.
    Thank you.

    159 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    3 comments  ·  Message Trace  ·  Flag idea as inappropriate…  ·  Admin →
  20. Custom Safety Tips

    We would really like to be able to raise a few custom Safety Tips on inbound messages.

    For starters, it would be great to raise a Safety Tip on every message originating from an external sender, i.e. every inbound message. A simple safety tip that read "Notice: This message was sent from outside our organization. Please use caution with links an attachments" would work wonders.

    Another Safety Tip, perhaps with a warning level, to flag messages that fail SPF checks would also help.

    The idea is to provide actionable information to message recipients so that they can make better decisions…

    159 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    7 comments  ·  Spam & Phishing  ·  Flag idea as inappropriate…  ·  Admin →
  • Don't see your idea?

Feedback and Knowledge Base