Feedback by UserVoice

Office 365 Security & Compliance

We have partnered with UserVoice, a third-party service and your use of the portal and your submission is subject to the UserVoice Terms of Service & Privacy Policy. Please do not send any novel or patentable ideas, copyrighted materials, samples or demos for which you do not want to grant a license to Microsoft.

Welcome to the Security (Protection) & Compliance UserVoice forum. We’re happy you’re here! If you have suggestions or ideas on how to improve Security or Compliance related features in O365, we’d love to hear them!

How it works
◾Check out the ideas others have suggested and vote on your favorites
◾If you have a suggestion that’s not listed yet, submit your own — 25 words or less, please
◾Include one suggestion per post

Thanks for joining our community and helping improve these features in Office 365!

Need Tech Support? Please see the O365 Community for the product or feature you are having issues with, or open a support ticket through your Office 365 administrator portal.

How can we improve compliance or protect your users better in Office 365?

You've used all your votes and won't be able to post a new idea, but you can still search and comment on existing ideas.

There are two ways to get more votes:

  • When an admin closes an idea you've voted on, you'll get your votes back from that idea.
  • You can remove your votes from an open idea you support.
  • To see ideas you have already voted on, select the "My feedback" filter and select "My open ideas".
(thinking…)

Enter your idea and we'll search to see if someone has already suggested it.

If a similar idea already exists, you can support and comment on it.

If it doesn't exist, you can post your idea so others can support it.

Enter your idea and we'll search to see if someone has already suggested it.

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Data Loss Prevention Policy - allow user notification to be either an email or a policy tip.

    Currently, you can only choose both and you can not choose one or the other.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: facebook google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  DLP & Transport Rules  ·  Flag idea as inappropriate…  ·  Admin →
  2. Do Not agree with many Office 365 ATP Safe Attachments decisions. Fix criteria!

    Do Not agree with many Office 365 ATP Safe Attachments decisions. Fix criteria

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: facebook google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Advanced Security Management  ·  Flag idea as inappropriate…  ·  Admin →
  3. How do you override a blocked link I sent to myself?

    There is nothing wrong with this Smartsheets link I was just using on another laptop 3 seconds ago, I cant work now.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: facebook google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Advanced Security Management  ·  Flag idea as inappropriate…  ·  Admin →
  4. Remove the Asterisk on the new eDiscovery Content Search page for Keyword Parameter

    The new eDiscovery Content Search page on Security & Compliance center includes an asterisk next to "Keywords" saying it's a required field. It is NOT a required field and is confusing. Also - the SAVE button on the accounts page is below the bottom of the page, you should move it to next to the X at the top. I can't tell you how many times I've accidentally closed it when I meant to save it.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: facebook google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  eDiscovery  ·  Flag idea as inappropriate…  ·  Admin →
  5. When I detect ATP, I want to be able to set spam [add text to the head of the subject line as well as filter] setting

    I want to make it possible to add [text to the beginning of the subject line] in addition to [Monitor] etc. when the ATP is detected
    In a transport rule, there is a method of bypassing a file with a specific extension detected by ATP
    However, if you want to set [add text to the beginning of the subject line] for all detected ATPs

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: facebook google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Spam & Phishing  ·  Flag idea as inappropriate…  ·  Admin →
  6. Allow admins to export the findings from all O365 Security Centre Dashboard Reports (including associated user names) so they can be tracked

    Currently, there is no ability to export the associated user names from ANY of the security dashboards on O365 Security Center.

    If your development team can take this feedback and add that feature, that will be very helpful.

    The reason is that unless I am able to export the names of users involved in any potential security finding (such as users having SMPT auth, users with malware detected, users targeted with fishing attacks etc.), it is difficult to track the remediation, follow up conversation etc. for those cases.

    Hence I request – ALL the dashboards on O365 should have the…

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: facebook google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Reports  ·  Flag idea as inappropriate…  ·  Admin →
  7. screen restrictions for iOS

    We have screen restrictions at intune mobile application management level for android, this is a good feature and should also be available for iOS.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: facebook google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Advanced Security Management  ·  Flag idea as inappropriate…  ·  Admin →
  8. Ability to easily delete a phishing email from all mailboxes

    Running a search & powershell is slow and tedious, when speed is of the essence.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: facebook google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Spam & Phishing  ·  Flag idea as inappropriate…  ·  Admin →
  9. unusual external file activity

    Add the ability to whitelist certain SharePoint sites from the unusual external file activity alert. We have several sites that are designed to be shared externally, have no sensitive data, and that we do not need to be alerted about. We don't have any way of filtering those out of the alerts though, so we are regularly getting useless notifications and have a hard time filtering through to find the ones we actually do care about.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: facebook google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Compliance Manager  ·  Flag idea as inappropriate…  ·  Admin →
  10. O365 Management API ability to subscribe to activities for a mailbox/activity type

    We have to subscribe for whole Exchange activities and filter out data after reading the activity. It will be really nice to have the option to subscribe to activities for only the mailbox and/or /activity type we are interested in.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: facebook google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  11. 1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: facebook google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Flag idea as inappropriate…  ·  Admin →
  12. Add More MS Products to the Compliance Manager

    Hello,

    I can see that it took a lto of work, but if you could assign even one person for all major MS product lines to address adding these products to the Compliance Manager, like you have for Office 365, in particular VTST and TFS, that would be great. I know that these products aren't necessarily associated with personal data; however depending on what you're developing and also in thinking a privacy by design, this is where it happens in the MS world. Maybe SSMS too.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: facebook google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Compliance Manager  ·  Flag idea as inappropriate…  ·  Admin →
  13. Don't show senders of received emails from receiver found by search in "Works with" area (-> NSA style)

    Currently you disclose the senders of emails an Office 365 user A has received when another user B searches the user and selects it.
    The user B sees any email sender user A has received an email from.
    That way the user easily can derive the communication relationships of other users, what may be with intent, but is highly unwanted in our area (Germany), who is not so fond with NSA's style of data security.
    Please make this feature detachable. ("Works with" is named "Arbeitet mit" at me, hope it spells "Work with" at you).

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: facebook google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Message Trace  ·  Flag idea as inappropriate…  ·  Admin →
  14. Please allow more than 1 phone number for 2-factor authentication

    If two people want to use the admin account with 2-fact authentication, it's impossible.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: facebook google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  15. Your 'block' list for domains is relying on ANCIENT data. How do I get my site removed from your erroneous block list?

    Your 'block' list for domains appears to be relying on ANCIENT data. Where are the instructions for reporting errors in your list? How do I get my site removed from your erroneous (irresponsible even?) block list? [Or how do I find out WHY you are blocking me?]

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: facebook google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  16. outlook-pst-to-office-365

    If you are searching a tool to migrate your PST item like emails, contacts, calendars, attachments, etc to Exchange Online.
    So I suggest you use emailsoftwares PST to Office 365 Migration Tool. This software will import your all PST items into
    Office 365 within few clicks. For more details visit:

    http://www.emailsoftwares.com/migrate-outlook-pst-to-office-365.html

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: facebook google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    3 comments  ·  Flag idea as inappropriate…  ·  Admin →
  17. Process Audio and Video files to make them searchable

    Extract text from audio and video files so eDiscovery search can include them

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: facebook google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  eDiscovery  ·  Flag idea as inappropriate…  ·  Admin →
  18. Allow Alerts Policy to target Distribution Lists or Security Groups

    When creating a new alert policy it's only possible to have the alert target a specific user rather than a class of users as defined by a distribution list or security group.

    As an educational institution we don't care if our students forward mail outside of the system but want to ensure that we are tracking new forwarding rules for all staff and faculty. This is currently not possible.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: facebook google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  19. Customer managed granularity for CSPs in compliance manager for Office 365

    Allow the ability to split the Customer field into CSP and Customer(s). Also associated permissions to see what you are assigned via groups. Shared responsibility is not always just two parties.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: facebook google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Compliance Manager  ·  Flag idea as inappropriate…  ·  Admin →
  20. Ease of use needs improvement

    Encrypting emails is easy. Recipients on the other hand have major problems. Most of our clients have moved away from 365 encryption because it is so confusing and difficult to read the emails. I suggest you guys streamline the process and simplify it for the recipients before everyone jumps ship for simpler solutions. You nailed the front end process but the recipients suffer badly and can never seem to figure out how to open messages.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: facebook google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
  • Don't see your idea?

Feedback and Knowledge Base