Office 365 Security & Compliance

We have partnered with UserVoice, a third-party service and your use of the portal and your submission is subject to the UserVoice Terms of Service & Privacy Policy. Please do not send any novel or patentable ideas, copyrighted materials, samples or demos for which you do not want to grant a license to Microsoft.

Welcome to the Security (Protection) & Compliance UserVoice forum. We’re happy you’re here! If you have suggestions or ideas on how to improve Security or Compliance related features in O365, we’d love to hear them!

How it works
◾ Check out the ideas others have suggested and vote on your favorites
◾ If you have a suggestion that’s not listed yet, submit your own — 25 words or less, please
◾ Include one suggestion per post

Thanks for joining our community and helping improve these features in Office 365!

Need Tech Support? Please see the O365 Community for the product or feature you are having issues with, or open a support ticket through your Office 365 administrator portal.

How can we improve compliance or protect your users better in Office 365?

• Office Message Encryption - Link instead of HTML attachment

  Enable encryption to be a link in the body of the message instead of an attachment. Many filters block HTML attachments.

  65 votes
• To allow more than 30 messages per minute maybe up to 50?

  Currently Office 365 has a messaging limit of 30 per minute. It would be ideal to have this increased to maybe at least 50 per minute.

  65 votes
  2 comments · Spam & Phishing

  The referenced limits only apply to hosted mailboxes. These limits are in place to prevent abuse on multiple fronts (unlike some limits, this is not simply a matter of adding capacity, since spammers would also be able to take advantage of higher limits). For applications which need to send bulk email, it is not necessarily a current best practice to use an Office 365 hosted mailbox.

  One issue with the suggestion is that while 50 may be enough for your company’s application today, it may not be enough in the future, or for someone else — how much is enough?

  We will certainly periodically re-visit all limits in the service as we have consistently done, and raise those which we can raise. We are certainly considering all options including future features & offerings. However, at this time, we feel that using a bulk mailer or on-premises server for mass email…

• Create Content searches based on message ID, Time, and null/blank subjects.

  Employees send out emails with no subjects all the time; however, I am unable to add a null/blank subject as a condition in content search.

  I am also unable to content search or filter based off of message ID.

  There is also no time option, only date, as a search condition.

  This makes content searching for an email with no subject a huge pain.

  Please add the ability to create content searches based off of blank/null subjects, sent time between X and Y, and based off of message ID in the mail headers as an option.

  65 votes
  1 comment · eDiscovery
• Audit Log Functionality for New Inbox / Forwarding Rule / Mass Failed Logins

  As a support provider I've seen an influx of fraudulent access cases. I would like to see an audit log option (and alert) for Inbox and Forwarding Rules as well as for Mass Failed Logins.
  I know that for E5 and Advanced Security Management subscribers they can create something for failed logins but with this becoming more commonplace I think the people would appreciate this functionality.

  64 votes
  4 comments · Auditing
• Add support for CAA records in DNS panel

  I'd very much like to see support for CAA records in the future =).
  See https://support.dnsimple.com/articles/caa-record/

  The check for this record is going to be mandatory from September 2017. The security of all our certificates and domains would be greatly improved if we could set this record :)

  64 votes
  1 comment · Advanced Security Management
• Improve the create preservation policy wizard in the Compliance Center

  Adding Preservation Policies for SharePoint and OneDrive is too time-consuming. There needs to be an easier option to preserve all users' drives and SharePoint Sites.

  The current wizard is 9 pages and you need to have the exact address of the user's site to add each one. It would take months for me to add all of my users in this way.

  Preservation policies for Mailboxes at least let you search and select all to add them, so it would take considerably less time to complete. That would be at least a modest improvement.

  63 votes
  6 comments
• incident

  Fix ATP Threat Explorer Incident Reporting

  We would like to use ATP Threat Explorer to mitigate phishing messages coming into our environment. The incident reporting does not build confidence in the tool. As an example I recently used it to hard delete 6 messages from our environment. The incident report did not give data for two full days. When it did, it reported status "Failed". However, looking at the report details, all six messages show hard delete status "Success", with no failures. Accurate and timely reporting of incident results will build confidence in the ATP Threat Explorer tool.

  63 votes
  2 comments · Reports
• Allow users to migrate their Microsoft accounts to Office 365

  When a firm establishes an Office 365 tenant, they should have the option to allow users to migrate their existing Microsoft Account identities to the company account. This should migrate their existing OneDrive and other consumer data to the corporate account as well as "merge" the identities so access given to other Office 365 tenants' SharePoint and other sites transfers over. Users could also opt not to migrate, in which case they should be required to "vacate" the company domain and migrate to an outlook.com or other consumer branded domain, much like the old Lync/OCS federation process that took place…

  60 votes
  1 comment · Advanced Security Management
• Stop external emails being sent directly to the onmicrosoft.com aliases

  My organisation is using a 3rd party mail gateway in front of Office 365. However, we have discovered that sending emails directly to the aliases @<domain>.mail.onmicrosoft.com and @<domain>.onmicrosoft.com bypasses our mail gateway, allowing malicious emails through.

  It should be made clear that these aliases should be locked down either by a transport rule or by being able to change the MX records, the latter not being possible at this time.

  60 votes
  7 comments · Spam & Phishing
• Allow us to create alerts for sign in Failures and Successes based off of IP Geo Location. Alerts if log in success outside of country.

  I would like to create an alert if there are failed login attempts or successful login attempts from IP addresses originating outside of my City/State/Country.

  Allow us to either white list IP addresses and alert for any not on the white list. Blacklist IP addresses and alert based off of just black list. Select Country regions and alert if selected countries' IP addresses are the originating IP. Allow us to alert for only failures, only successes, or both.

  60 votes
  5 comments · Auditing
• Advanced Threat Protection (ATP) - Allow to create custom malware alert notifications

  We need to send a customized notification email message to recipients or administrators when malware is detected by Safe Attachments.

  60 votes
  2 comments · Malware
• Extend the Audit Log to hold records for longer than ninety days

  The Audit Log's functionality in Office 365 is excellent but the logs are only held for ninety days rolling.

  Due to this we are having to look at third party solutions to export the logs automatically, but this would be much easier if you extended the logging period out to a much longer period - years would be better than months.

  60 votes
  7 comments · Auditing
• Make secure score available to partners

  As a Partner I have access to the tenant of my clients. I'm not able to see the score of my client's tenant and check easily what changes need to be done and discuss this with my clients.
  I can only do this when I have a separate admin account of the client's tenant.
  Now the integration of secure score into the compliance center shows a widget of the score but not the actions that need to be taken. Please integrate the full secure score.

  60 votes
  5 comments · Reports
• Block spoofing messages even when the source is a trusted relay in another tenant.

  We have discovered that if an e-mail is sent through a relay trusted in one tenant, that message will be delivered as not-spam to any other O365 tenant regardless of sender address and SPF records. This seems like a large gap in the service. For example, if one client machine was to get compromised, that machine could send any number of messages from any source address through the relay and they would automatically be trusted and delivered to any mailbox using EOP or Exchange Online.

  We would like to see these messages at least checked against SPF records at the receiving…

  59 votes
  0 comments · Spam & Phishing
• increased logging capabilities

  When a standard user logs into Office 365 (SharePoint Online, Exchange Online, etc.) reporting should also include the following:

  Login Username
  Microsoft Office 365 IP
  User/Client IP
  User-Agent
  Success/Failure of Login

  This will allow security folks to monitor for compromised accounts, as well as help with compliance.

  59 votes
  6 comments
• Ability to limit access to Online Archive by Client Location

  We'd like the ability to limit access for users to their O365 Online Archives by client location/IP.

  For example, if the user is connected to the corporate network, their online archive should be accessible through Outlook. If the user is away, working from home, etc, the online archive is not available/accessible.

  Whilst we have security measures in place (like MFA) for accounts if a user's credentials are stolen, the most common access would be via OWA from an external location/IP. By archiving (moving) old/sensitive email to the online archive, and restricting access by location, we could effectively limit the amount…

  58 votes
  0 comments · Advanced Security Management
• Office 365 quarantine report should have a link to view live quarantine

  This is a simple feature to implement and my users were used to it with Appriver. My users get a report of their quarantined emails daily, that emailed report should have a link (https://admin.protection.outlook.com/quarantine) for the users to click to view their quarantined email at any time, so they don't have to wait a day.

  58 votes
  3 comments · Spam & Phishing
• Ability to apply multiple Branding Options for Office 365 Message Encryption

  Office 365 Message Encryption currently only provides the ability to specify one set of branding configurations (see https://technet.microsoft.com/en-us/library/dn569292.aspx). Large enterprises that have multiple entities need the ability to provide branding for each entity.

  For example, if Contoso was comprised of entities Fabrikam, Northwind, and ADatum, each entity should be able to specify its own branding for OME.

  57 votes
• include changes in journal rules as an activity alert in the Security and Compliance center

  Please consider adding changes in Journal Rules (Exchange) as an activity for alert in the Security and Compliance center. We have many customers who would find value in this.

  57 votes
  13 comments · Compliance Manager
• delete content from content search through gui not using New-ComplianceSearchAction

  Currently users with the eDiscovery role can run a search for content and download that content. Using the New-ComplianceSearchAction -purge -softdelete you can delete this content (which we use for deleting spam or malware emails out of mailboxes). We do not want our security operations team to use PowerShell to complete these deletes so we have to write a GUI to provide this functionality. Please enable the ability to complete deletes within the SCC itself.

  56 votes
  4 comments · eDiscovery