Feedback by UserVoice

Office 365 Security & Compliance

We have partnered with UserVoice, a third-party service and your use of the portal and your submission is subject to the UserVoice Terms of Service & Privacy Policy. Please do not send any novel or patentable ideas, copyrighted materials, samples or demos for which you do not want to grant a license to Microsoft.

Welcome to the Security (Protection) & Compliance UserVoice forum. We’re happy you’re here! If you have suggestions or ideas on how to improve Security or Compliance related features in O365, we’d love to hear them!

How it works
◾Check out the ideas others have suggested and vote on your favorites
◾If you have a suggestion that’s not listed yet, submit your own — 25 words or less, please
◾Include one suggestion per post

Thanks for joining our community and helping improve these features in Office 365!

Need Tech Support? Please see the O365 Community for the product or feature you are having issues with, or open a support ticket through your Office 365 administrator portal.

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Add search for failed login attempts to Audit Log Search

    Right now the audit log search allows for searching user sign-ins but not failed login attempts. This can be accessed by exporting the events but having that feature available in the search would make it more convenient to get an at-a-glance view of failed attempts and the IP addresses that are attempting to get access. This is not to say I don't trust Microsoft's ability to detect suspicious logins; it's more for our own situational awareness of where *********** attempts are coming from.

    90 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    3 comments  ·  Auditing  ·  Flag idea as inappropriate…  ·  Admin →
  2. spam filter allowed and blocked sender limit

    Please remove Safe and Blocked Sender Limit. There should be an option to add unlimited allowed and blocked list sender and domains. Existing spam protection does not block most of emails.

    90 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    11 comments  ·  Spam & Phishing  ·  Flag idea as inappropriate…  ·  Admin →
  3. Remove Limit of 60 users for New Anti-Phishing Policy

    Why is there a limit of 60 users that can be added to the new Anti-Phishing Policy? I would expect to have this very important feature available to ALL of our O365 users. Please remove this limitation so that we can add ALL of our O365 users to this new Anti-Phishing Policy

    89 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    4 comments  ·  Spam & Phishing  ·  Flag idea as inappropriate…  ·  Admin →
  4. Delegate Audit Log access by Activity Type

    Please add the ability to delegate read-access to audit logs by Activity type. For example, access to just "Power BI activities" audit logs, or "Microsoft Teams activities" audit logs.

    This would be useful as different groups within IT manage the usage of different O365 services, yet they have to be given access to all or nothing.

    88 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    3 comments  ·  Auditing  ·  Flag idea as inappropriate…  ·  Admin →
  5. Office 365 quarantine report should have a link to view live quarantine

    This is a simple feature to implement and my users were used to it with Appriver. My users get a report of their quarantined emails daily, that emailed report should have a link (https://admin.protection.outlook.com/quarantine) for the users to click to view their quarantined email at any time, so they don't have to wait a day.

    88 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    5 comments  ·  Spam & Phishing  ·  Flag idea as inappropriate…  ·  Admin →
  6. Use Outlook junk mail actions to train hosted spam filters

    Junkmail filtering has been a constant pain point for me with O365 business and Outlook. The spam filters have an awfully high number of false positives, and only rarely capture real spam (I don't get much on these accounts). Most of the mail that gets filtered is from the same set of senders even though I constantly tell Outlook that these messages are not Junk. O365 needs to leverage this data to improve filtering reliability.

    88 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    10 comments  ·  Spam & Phishing  ·  Flag idea as inappropriate…  ·  Admin →

    The Junk Email Reporting Add-in is our current solution for Outlook users. You can get the download for it, and learn more here:
    https://technet.microsoft.com/library/jj723127(v=exchg.150).aspx
    We do absolutely triage these submissions and use them to improve EOP.

    If you aren’t using Outlook, simply create a new mail to junk [AT] office365.microsoft.com and attach the entire message, including headers (see https://technet.microsoft.com/library/jj723151(v=exchg.150).aspx). We are looking at better reporting options for Mac and mobile users. What might be helpful here is commenting with which applications you use most.

    Administrators can also now go to http://aka.ms/FixSpam and troubleshoot their users’ most persistent spam issues.

    If you continue having difficulties, we recommend a support ticket to investigate current samples. It is frequently the case that a simple configuration issue is to blame — and support can help you figure this out.

  7. Increase or release the limit for the policy with specific inclusions or exclusions

    I would request you to increase or release the limit on the number of mailboxes for the retention policy with specific inclusions or exclusions. When we create a policy with specific inclusions or exclusions for the retention policy in SCC, we can apply the policy up to 1,000 mailboxes. However, this limit would be a big burden for enterprises in terms of the tenant management as they have a huge number of users.
    Referenced the article below, https://docs.microsoft.com/en-us/microsoft-365/compliance/retention-policies?view=o365-worldwide#a-policy-with-specific-inclusions-or-exclusions

    88 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    4 comments  ·  Advanced Security Management  ·  Flag idea as inappropriate…  ·  Admin →
  8. Retention Labels - Time Left - Report all files with label

    Hi,

    Would it be possible to have a report system or dahsboard, which would report on Time left of the retention period for all items or even just files that have a particualar label applied that the user has created.

    For example. A calculated column that shows the item, location, retention/deletion, time remaining before it happens, based on whether it was, either labeled, created, last modifed. (hope it makes sence)

    Currently you have to use the 'content search' area [search and investigation] and do the calculations there within excel on any given report.

    see the post here for some more…

    87 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
  9. Message Trace by Subject in Mail Flow

    Allow Message search by Subject in Mail Flow in addition to ECompliance & Discovery and allow an export to CSV.

    87 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    6 comments  ·  Flag idea as inappropriate…  ·  Admin →
  10. Enable DKIM for Office 365 Home with custom email domain

    The Office 365 Home subscription allows you to use your your own email domain. However, there is no option to enable DKIM and without it, outgoing email often ends up in the recipient's Spam folder, making the custom email domain capability useless.

    Please expose the DKIM setting on the UI for O365 Home subscribers.
    The feature itself is already implemented and available in the Business edition, but requires the Admin panel which does not exist in Office 365 Home.

    https://office365.uservoice.com/forums/273493-office-365-admin/suggestions/38177803-enable-dkim-for-office-365-home-with-custom-email

    84 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Spam & Phishing  ·  Flag idea as inappropriate…  ·  Admin →
  11. enable tls 1.3 support

    please enable tls 1.3 support.
    This will improve rtt times and improve privacy.

    84 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    working on it  ·  1 comment  ·  Privacy  ·  Flag idea as inappropriate…  ·  Admin →
  12. Quarantine notification emails: please change it back.

    The new Quarantine notification emails are not useful.
    The layout is very inefficient with screen real estate and difficult to read on a computer, and unreadable on a smartphone.
    Also, end users need the ability to release valid emails directly from the Notification message on a smartphone, instead of forcing them to log into the Quarantine web page (which is also unusable on a smartphone).

    83 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    7 comments  ·  Spam & Phishing  ·  Flag idea as inappropriate…  ·  Admin →
  13. Recall message in OWA

    In OWA, there is currently no option to recall a message. We have the option with Office 2013 and Office 2016, but not OWA. This would be a great addition to OWA and further HIPAA compliance to have the ability to recall a message from OWA and receive both failure and succesful recall notifications.

    82 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    2 comments  ·  Flag idea as inappropriate…  ·  Admin →
  14. A bug when creating a Retention Policy for Skype for Business in the O365 Admin portal

    When creating the policy, the * means all, but it still forces you to select users to add to the retention policy.

    81 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    5 comments  ·  Advanced Security Management  ·  Flag idea as inappropriate…  ·  Admin →
  15. Fixing DBEB to work with Dynamic Distrbution Lists, or disable DBEB by default.

    Fixing DBEB to work with Dynamic Distrbution Lists, or disable DBEB by default. I've been working with MS tech support for a week now trying to figure out why our Dynamic Distribution Lists have all of a sudden stopped working remotely. They said it is because we are using "Authoritative" domains (which are default) and by default DBEB is enabled, which does NOT allow Dynamic Distribution Groups to work from the outside. The tech support team I've been working with says MS has no plans on fixing this and in order to disable DBEB, we have to contact them so…

    80 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    3 comments  ·  Spam & Phishing  ·  Flag idea as inappropriate…  ·  Admin →
  16. Add MailboxLogin as a default action for Mailbox Owner Auditing

    I would like to see MailboxLogin added to the list of default actions that are audited for the mailbox owner. I realize it can be added separately; however, you will not receive updates to the default actions in the future if you make any changes and you would have to script this to enable it for any new mailbox that is created afterwards. I want to accept the default settings and not have to periodically review/add new actions. I don't understand why this is not included in the default action list for owner.

    80 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    4 comments  ·  Auditing  ·  Flag idea as inappropriate…  ·  Admin →
  17. Allow users to migrate their Microsoft accounts to Office 365

    When a firm establishes an Office 365 tenant, they should have the option to allow users to migrate their existing Microsoft Account identities to the company account. This should migrate their existing OneDrive and other consumer data to the corporate account as well as "merge" the identities so access given to other Office 365 tenants' SharePoint and other sites transfers over. Users could also opt not to migrate, in which case they should be required to "vacate" the company domain and migrate to an outlook.com or other consumer branded domain, much like the old Lync/OCS federation process that took place…

    79 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    2 comments  ·  Advanced Security Management  ·  Flag idea as inappropriate…  ·  Admin →
  18. message trace by domain

    Please allow tracing any email sent by domain, for when you don't have a specific sender's email address. Thanks.

    75 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Message Trace  ·  Flag idea as inappropriate…  ·  Admin →
  19. Secure Score - MFA with conditional access is not counted

    Secure Score - MFA with conditional access is not counted.
    The system recognizes only full MFA while it was set as encofrece

    75 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Compliance Manager  ·  Flag idea as inappropriate…  ·  Admin →
  20. Coded redactions in Advanced eDiscovery

    The redaction on the document gets a Code (i.e. where AeD masks with the word “REDACTED”, code would be stamped instead) A given document can have multiple redaction reasons, so each reason has its own code, i.e. multiple redaction labels on the document. Additionally, a log must also accompany the disclosure stating which documents are redacted and the code/reason for the redaction.

    73 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  eDiscovery  ·  Flag idea as inappropriate…  ·  Admin →
  • Don't see your idea?

Feedback and Knowledge Base