Feedback by UserVoice

Office 365 Security & Compliance

We have partnered with UserVoice, a third-party service and your use of the portal and your submission is subject to the UserVoice Terms of Service & Privacy Policy. Please do not send any novel or patentable ideas, copyrighted materials, samples or demos for which you do not want to grant a license to Microsoft.

Welcome to the Security (Protection) & Compliance UserVoice forum. We’re happy you’re here! If you have suggestions or ideas on how to improve Security or Compliance related features in O365, we’d love to hear them!

How it works
◾Check out the ideas others have suggested and vote on your favorites
◾If you have a suggestion that’s not listed yet, submit your own — 25 words or less, please
◾Include one suggestion per post

Thanks for joining our community and helping improve these features in Office 365!

Need Tech Support? Please see the O365 Community for the product or feature you are having issues with, or open a support ticket through your Office 365 administrator portal.

How can we improve compliance or protect your users better in Office 365?

  1. Allow Journal decryption in OME

    Currently RMS-encrypted mails can be decrypted for the purposes of journaling, but OME-encrypted mails - even though also based on RMS - do not have the same option. Set-IRMConfiguration -JournalReportDecryptionEnabled $true is used to enable RMS journal decryption. I suggest something similar is developed and made available for OME.

    103 votes
  2. DLP workflow

    DLP workflow - currently there is effectively no DLP workflow. You can block emails from leaving by implementing a DLP policy, but you cannot create a workflow where items violating DLP are routed to a DLP admin team who review it, and can then take further action (review, release, escalate etc). This is pretty bread and butter stuff, and we have had to abandon using 365 DLP (we are using Mailguard for this instead) because it simply can't do what we and our customers need. DLP is not a simple "yes / no" - we've received hundreds of false positives…

    102 votes
    10 comments  ·  DLP & Transport Rules
  3. FIDO U2F support

    Office 365 for work: We need Office 365 for Work to support a FIDO Universal Second Factor (U2F) protocol standard Security Key.

    Many organisations would like to shift to Office 365, but they are concerned about the security standard, which requests Office 365 to support the Universal Second Factor (U2F) protocol standard security key, as Microsoft is a member of FIDO.

    100 votes
    8 comments  ·  Advanced Security Management
  4. Add multiple wildcard options to message trace capabilities

    Please allow for the ability to use get-messagetrace in combination with multiple wildcard scenarios. For instance, if I want to see *@*.co.uk via a PowerShell query.

    Example script
    $mystart = (Get-Date).addhours(-72)
    $myend = Get-Date
    Get-MessageTrace -StartDate $mystart -EndDate $myend | where {$_.senderaddress -like "*@*.co.uk"}

    This information used to be available with the ForeFront for Exchange on-prem solution and is still available with the Exchange on-prem Get-MessageTrackingLog function currently.

    99 votes
    3 comments  ·  Message Trace
  5. Conditional Access by Network Location

    Want to bring network location-based conditional access policy to not only SharePoint but also the whole of Office 365.

    97 votes
    3 comments  ·  Advanced Security Management
  6. Ability to perform eDiscovery collections for specific Outlook Folders

    I have a requirement from a large customer (85K users) that needs to be able to perform eDiscovery collections for specific Outlook folders. We can do date range and Full Mbx collections, but not specific folders. This was possible on-premises, but not in Exchange Online ????

    97 votes
    7 comments  ·  eDiscovery
  7. safelinks whitelist domain with wildcard

    Safelinks currently requires you to enter each URL you'd like to allow through. I'd like to have safelinks allow a wildcard domain. For instance, we get many emails from our own systems pointing to internal URLs. Sometimes those emails get distorted because the URLs are listed in plain text and replaced with the safelink.

    I'd like to allow wildcard https://*.mydomain.com/* to allow domains such as web.mydomain.com/page and test.mydomain.com/stuff to go through by making one simple rule vs theoretically hundreds.

    96 votes
    3 comments  ·  Malware
  8. Custom Safety Tips

    We would really like to be able to raise a few custom Safety Tips on inbound messages.

    For starters, it would be great to raise a Safety Tip on every message originating from an external sender, i.e. every inbound message. A simple safety tip that read "Notice: This message was sent from outside our organization. Please use caution with links and attachments" would work wonders.

    Another Safety Tip, perhaps with a warning level, to flag messages that fail SPF checks would also help.

    The idea is to provide actionable information to message recipients so that they can make better decisions…

    96 votes
    5 comments  ·  Spam & Phishing
  9. OME v2 - Encrypt Only Template

    The new version of OME that is now more integrated into AIP, needs to have an encrypt only option such as you can configure using the message classification configuration.

    The DNF use case is too restrictive for our organisation.

    Thank you for consideration.

    96 votes
  10. Creation of forwarding/redirect rule

    So last night this rule triggered for the first time, wasn't really aware of it in the first place.

    Severity:● Low

    Time:6/13/2018 10:00:00 PM (UTC)

    Activity:MailRedirect

    User:person@email.com

    Details: MailRedirect. This alert is triggered whenever someone gets access to read your user's email.

    Description: This alert is triggered when someone in your organization creates an email forwarding or redirect inbox rules using Outlook web app or Powershell -V1.0.0.2

    Now to me this is an incredibly frightening message to receive, since this person has access to extremely sensitive financial information. So since I was thinking this person had been compromised, I…

    96 votes
    15 comments  ·  Compliance Manager
  11. Office 365 labels - allow deletion of documents with labels

    Please allow users to delete documents with Office 365 labels and keep such deleted documents in a secure location for the duration of the retention period as described on the following label tooltip in Office 365: "We'll make sure the labeled content stays put where it currently lives. For example, email messages will stay in mailboxes and docs will stay in SharePoint or OneDrive libraries. If users modify or delete the content, we'll keep a copy of it in a secure location so you can get to it if you need to." At the moment SharePoint documents with labels can't…

    95 votes
    5 comments
  12. Fix DMARC implementation to match the RFC7489 defined behaviour for p=reject and p=quarantine

    Fix DMARC implementation to match the RFC 7489 defined behaviour for p=reject and p=quarantine.
    Current behaviour p=reject messages are quarantined???

    95 votes
    6 comments  ·  Spam & Phishing
  13. Implement sensitive data ediscovery searches in Exchange Online

    Sensitive data searches for eDiscovery currently work only in SharePoint and OneDrive. It also works for DLP in Exchange. This lack severely limits the usefulness of eDiscovery in Security and Compliance for Office 365.

    95 votes
    5 comments  ·  eDiscovery
  14. Allow for adjusting the link expiration time for an OME v2 encrypted message.

    Currently it appears set at 2 months. Would like to see ability to increase/decrease. Maybe max 1 year? Not sure the exact max needed, it would likely change by customer needs/retention policy.

    94 votes
  15. Stop external emails being sent directly to the onmicrosoft.com aliases

    My organisation is using a 3rd party mail gateway in front of Office 365. However we have discovered that sending emails directly to the aliases: @<domain>.mail.onmicrosoft.com and @<domain>.onmicrosoft.com bypasses our mail gateway allowing malicious emails through.

    It should be made clear that these aliases should be locked down either by a transport rule or by being able to change the MX records, the latter not being possible at this time.

    94 votes
    9 comments  ·  Spam & Phishing
  16. Add option to create a transport rule to send an automatic reply/response to a sender emailing a recipient in the organisation.

    Need an option to send an automatic reply/response to any sender emailing a specific recipient in the organisation via a transport rule. The option is available in Exchange 2013 so should be possible in Office 365. A rule from the mailbox is not suitable as this will only send the response once to each sender. The mailbox is not monitored so customers should be sent an acknowledgement email to confirm that their email has been received.

    93 votes
    4 comments  ·  DLP & Transport Rules
  17. Message Trace Attachment Attribute missing

    Message Trace does not include the Attachment property, and by only knowing the attachment name you cannot find it. For example, you may know a specific attachment has been leaked out from the company, but you cannot search for it from the Trace.

    93 votes
    2 comments  ·  Message Trace
  18. Create Content searches based on message ID, Time, and null/blank subjects.

    Employees send out emails with no subjects all the time, however I am unable to add a null/blank subject as a condition in content search.

    I am also unable to content search or filter based off of message ID.

    There is also no time option, only date, as a search condition.

    This makes content searching for an email with no subject a huge pain.

    Please add the ability to create content searches based off of blank/null subjects, sent time between X and Y, and based off of message ID in the mail headers as an option.

    92 votes
    1 comment  ·  eDiscovery
  19. Advanced Threat Protection and Dynamic Delivery of emails

    With Dynamic Delivery, email is delivered with a provisional attachment that indicates that the original attachment is being scanned by ATP and will be delivered soon. If this email is forwarded before the original attachment is released by ATP, the recipient of the forwarded email will receive the provisional attachment and never see the original attachment once released to the first recipient.
    This is a problem for business where many executives on the move use mobile phones to routinely forward emails to team members for follow-up. We also have users who set up Outlook rules that forward emails to other users. …

    90 votes
    3 comments  ·  Advanced Security Management
  20. More Than 8-Character Minimum Password Requirement

    Allow for the current 8-character minimum requirement to be changed to something longer (i.e. – 10 or 12). Allowing for an 8-character minimum password length ensures mostly that.

    Changing character density from 8 to 10 characters increases offline resilience from less than a day to almost two (2) decades, and 12 characters to over a thousand centuries [ref: Gibson Research Center’s ‘Haystack’ page - https://www.grc.com/haystack.htm ].

    Allowing administrators the option of lifting this minimum not only forces users to create potentially more secure passwords, but also allows them to use them longer without needing to change them… potentially until there…

    89 votes
    2 comments  ·  Advanced Security Management