Feedback by UserVoice

Office 365 Security & Compliance

We have partnered with UserVoice, a third-party service and your use of the portal and your submission is subject to the UserVoice Terms of Service & Privacy Policy. Please do not send any novel or patentable ideas, copyrighted materials, samples or demos for which you do not want to grant a license to Microsoft.

Welcome to the Security (Protection) & Compliance UserVoice forum. We’re happy you’re here! If you have suggestions or ideas on how to improve Security or Compliance related features in O365, we’d love to hear them!

How it works
◾Check out the ideas others have suggested and vote on your favorites
◾If you have a suggestion that’s not listed yet, submit your own — 25 words or less, please
◾Include one suggestion per post

Thanks for joining our community and helping improve these features in Office 365!

Need Tech Support? Please see the O365 Community for the product or feature you are having issues with, or open a support ticket through your Office 365 administrator portal.

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Make secure score available to partners

    As a Partner I have access to the tenant of my clients. I'm not able to see the score of my clients tenant and check easily what changes need to be done and discuss this with my clients.
    I can only do this when I have an separate admin account of the clients tenant.
    Now with the integration of secure score into the compliance center shows a widget of the score but not the actions that needs to be taken. Please integrate the full secure score

    102 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    7 comments  ·  Reports  ·  Flag idea as inappropriate…  ·  Admin →
  2. add option to create a transport rule to send an automatic reply/response to a sender emailing a recipient in the organisation.

    need an option to send an automatic reply/response to any sender emailing a specific recipient in the organisation via a transport rule. the option is available in Exchange 2013 so should be possible in Office 365. a rule from the mailbox is not suitable as this will only send the response once to each sender. the mailbox is not monitored so customers should be sent an acknowledgement email to confirm that their email has been received.

    100 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    4 comments  ·  DLP & Transport Rules  ·  Flag idea as inappropriate…  ·  Admin →
  3. Allow for adjusting the link expiration time for an OME v2 encrypted message.

    Currently it appears set at 2 months. Would like to see ability to increase/decrease. Maybe max 1 year? Not sure the exact max needed, it would likely change by customer needs/retention policy.

    99 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
  4. Block Office Files with Macro's

    We are getting numerous malware attacks with zero hour Office files containing malicious Macro's, these are often blocked within 60-90 minutes but some are still being received by users. The signature is changing regularly so they aren't picked up by your scanners despite the original virus being around 12 months old.

    We do educate the users not to open them and Macro's are disabled, but blocking the content at the gateway would be better.

    Some of this functionality was available in Forefront for Exchange.

    99 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    4 comments  ·  Malware  ·  Flag idea as inappropriate…  ·  Admin →
  5. Fix DMARC implementation to match the RFC7489 defined behaviour for p=reject and p=quarantine

    Fix DMARC implementation to match the RFC 7489 defined behaviour for p=reject and p=quarantine.
    Current behaviour p=reject messages are quarantined???

    99 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    7 comments  ·  Spam & Phishing  ·  Flag idea as inappropriate…  ·  Admin →
  6. Conditional Access by Network Location

    Want to bring network location-based conditional access policy to not only SharePoint but also the whole of office365.

    98 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    3 comments  ·  Advanced Security Management  ·  Flag idea as inappropriate…  ·  Admin →
  7. Ability to perform eDiscovery collections for specific Outlook Folders

    I have a requirement from a large customer (85K users) that needs to be able to perform eDiscovery collections for specific Outlook folders. We can do date range and Full Mbx collections, but not specific folders. This was possible on-premises, but not in Exchange Online ????

    98 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    7 comments  ·  eDiscovery  ·  Flag idea as inappropriate…  ·  Admin →
  8. safelinks whitelist domain with wildcard

    Safelinks currently requires you enter each url you'd like to allow through. I'd like to have safelinks allow a wildcard domain. for instance we get many emails from our own systems pointing to internal urls. sometimes those emails get distorted because the url's are listed in plain text and replaced with the safelink.

    I'd like to allow wildcard https://.mydomain.com/ to allow domains such as web.mydomain.com/page and test.mydomain.com/stuff to go through with by making one simple rule vs theoretically hundreds.

    97 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    3 comments  ·  Malware  ·  Flag idea as inappropriate…  ·  Admin →
  9. OME v2 - Encrypt Only Template

    The new version of OME that is now more integrated into AIP, needs to have an encrypt only option such as you can configure using the message classification configuration.

    The DNF use case is too restrictive for our organisation.

    Thank you for consideration.

    96 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
  10. Provide watermark capability for sharepoint online libraries

    SharePoint online and One drive for business is positioned to be used for collaboration with 3rd parties . Features like RMS provide the security for collaboration. In addition, I would like to see if Microsoft can provide the ability to watermark documents ( word, ppt, exchange attachments, excel etc) to maintain the integrity of documents that are shared outside the organization. In particular, if a library or folder is slated for sharing , I would like to have the option to enforce preselected watermarks ( for example :user id, corporate, brand or some id) across all pages of the document…

    96 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    3 comments  ·  DLP & Transport Rules  ·  Flag idea as inappropriate…  ·  Admin →
  11. Advanced Threat Protection and Dynamic Delivery of emails

    With Dynamic Delivery, email is delivered with a provisional attachment that indicates that the original attachment is being scanned by ATP and will be delivered soon. If this email if forwarded before the original attachment is released by ATP, the recipient of the forwarded email will receive the provisional attachment and never see the original attachment once released to the first recipient.
    This is a problem for business where many executives on the move use mobile phones to routinely forward emails to team members for follow-up. We also have users who setup Outlook rule that forward emails to other users. …

    94 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    5 comments  ·  Advanced Security Management  ·  Flag idea as inappropriate…  ·  Admin →
  12. Alert Policy for Inbox Rule Creation/Deletion/Modification

    Currently O365 has an alert for forwarding/redirect rule within Security and Compliance Center. Considering that most phishing campaigns are crafted with someone setting up Inbox rules to move messages to another folder which are monitored, creating a man-in-the-middle attack. It would benefit tremendously to be alerted whenever a user creates/deletes/modify an inbox rule to prevent attacks before they happen.

    93 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    8 comments  ·  Spam & Phishing  ·  Flag idea as inappropriate…  ·  Admin →
  13. Advanced Threat Protection - SafeLinks - Create Submission Mechanism for False Positive Malicious Domains

    Advanced Threat Protection - SafeLinks - Create Submission Mechanism for False Positive Malicious Domains

    This idea would create a feedback / reporting mechanism for domains incorrectly tagged as malicious by the SafeLinks feature. We had an example of a partner domain that was tagged as malicious, had zero malware / good reputation / etc. (confirmed by Microsoft Support), and had no way to feed that information back into Microsoft for a review of the malicious domain list so it could be removed. Similar feedback mechanisms exist for false positive Spam and virus detections - URLs deserve the same treatment.

    92 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    5 comments  ·  Malware  ·  Flag idea as inappropriate…  ·  Admin →
  14. Allow dynamic retention policy based on group membership

    The below is too great a restriction and renders the retention policy useless.

    Groups selection confirmation

    The specified groups will be expanded so that an In-Place Hold can be put on the mailboxes in these groups. Only the mailboxes that are currently members of these groups will be placed on hold. Mailboxes added to or removed from these groups won't be added or removed from this hold. After setting the group for the location, the new member changes for this group will not auto apply to this location settings. Do you want to expand these groups?

    90 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    2 comments  ·  Compliance Manager  ·  Flag idea as inappropriate…  ·  Admin →
  15. Email notification of Quarantined Emails for Admins

    In addition to the below feature, quarantine should have an email notification for Admins (option or to be enabled) so that they can review and can release or delete accordingly via a link that is included in the email. Cannot rely on end user to release...

    ————-
    Share: Updated feature: Email quarantine capabilities

    89 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    2 comments  ·  Advanced Security Management  ·  Flag idea as inappropriate…  ·  Admin →
  16. Office 365 needs a suite-wide URL web link shortener

    I could increase the adoption of various features / apps in Office 365 if I had a URL web link shortener in my tenant.

    For example, we recently had some groups working on shared Word documents via OneDrive. In order to help them get up-to-speed, I created a bit.ly link so that they could get directly to the OneDrive where we were all working together.

    I am also trying to get people to send links to documents that they maintain versus copies. I have a mnemonic "send a link, helps me think, send a copy, make inbox sloppy."

    If the…

    89 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    3 comments  ·  Flag idea as inappropriate…  ·  Admin →
  17. Admins be able to delete unsent mail from queue

    Office 365 admins should be able to go into the mail flow queue and delete or resend emails that show "stuck" (either pending for a long time) or duplicate emails.

    89 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    11 comments  ·  Flag idea as inappropriate…  ·  Admin →
  18. Branding Quarantine notification mail and scheduling when notification goes out


    1. It would be nice if you could extend some of the company branding to the quarantine notification email. Add in a logo and maybe some contact info for the helpdesk or whomever. Also the ability to add a link to the quarantine site so they can manage more than one message if they so choose.


    2. Other anti spam providers allow you to schedule when the quarantine message goes out. It's nice to be able to set it to arrive in the users mailbox around the time they arrive. This way they have the latest and greatest.


    87 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Spam & Phishing  ·  Flag idea as inappropriate…  ·  Admin →
  19. Use Outlook junk mail actions to train hosted spam filters

    Junkmail filtering has been a constant pain point for me with O365 business and Outlook. The spam filters have an awfully high number of false positives, and only rarely capture real spam (I don't get much on these accounts). Most of the mail that gets filtered is from the same set of senders even though I constantly tell Outlook that these messages are not Junk. O365 needs to leverage this data to improve filtering reliability.

    85 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    10 comments  ·  Spam & Phishing  ·  Flag idea as inappropriate…  ·  Admin →

    The Junk Email Reporting Add-in is our current solution for Outlook users. You can get the download for it, and learn more here:
    https://technet.microsoft.com/library/jj723127(v=exchg.150).aspx
    We do absolutely triage these submissions and use them to improve EOP.

    If you aren’t using Outlook, simply create a new mail to junk [AT] office365.microsoft.com and attach the entire message, including headers (see https://technet.microsoft.com/library/jj723151(v=exchg.150).aspx). We are looking at better reporting options for Mac and mobile users. What might be helpful here is commenting with which applications you use most.

    Administrators can also now go to http://aka.ms/FixSpam and troubleshoot their users’ most persistent spam issues.

    If you continue having difficulties, we recommend a support ticket to investigate current samples. It is frequently the case that a simple configuration issue is to blame — and support can help you figure this out.

  20. Allow us to create alerts for sign in Failures and Successes based off of IP Geo Location. Alerts if log in success outside of country.

    I would like to Create and alert if there are failed login attempts or successful login attempts from IP addresses originating outside of my City/State/Country.

    Allow us to either white list IP addresses and alert for any not on the white list. Blacklist IP addresses and alert based off of just black list. Select Country regions and alert if selected countries IP addresses are the originating IP. Allow us to alert for only failures, only successes, or both.

    84 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    6 comments  ·  Auditing  ·  Flag idea as inappropriate…  ·  Admin →
  • Don't see your idea?

Feedback and Knowledge Base