Feedback by UserVoice

Office 365 Security & Compliance

We have partnered with UserVoice, a third-party service and your use of the portal and your submission is subject to the UserVoice Terms of Service & Privacy Policy. Please do not send any novel or patentable ideas, copyrighted materials, samples or demos for which you do not want to grant a license to Microsoft.

Welcome to the Security (Protection) & Compliance UserVoice forum. We’re happy you’re here! If you have suggestions or ideas on how to improve Security or Compliance related features in O365, we’d love to hear them!

How it works
◾Check out the ideas others have suggested and vote on your favorites
◾If you have a suggestion that’s not listed yet, submit your own — 25 words or less, please
◾Include one suggestion per post

Thanks for joining our community and helping improve these features in Office 365!

Need Tech Support? Please see the O365 Community for the product or feature you are having issues with, or open a support ticket through your Office 365 administrator portal.

How can we improve compliance or protect your users better in Office 365?

You've used all your votes and won't be able to post a new idea, but you can still search and comment on existing ideas.

There are two ways to get more votes:

  • When an admin closes an idea you've voted on, you'll get your votes back from that idea.
  • You can remove your votes from an open idea you support.
  • To see ideas you have already voted on, select the "My feedback" filter and select "My open ideas".
(thinking…)

Enter your idea and we'll search to see if someone has already suggested it.

If a similar idea already exists, you can support and comment on it.

If it doesn't exist, you can post your idea so others can support it.

Enter your idea and we'll search to see if someone has already suggested it.

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Eslam Mohamed@tedata. Nat

    رابط التفعيل ماي تي داتا

    1 vote
    Vote
    Sign in
    Check!
    (thinking…)
    Reset
    or sign in with
    • facebook
    • google
      Password icon
      Signed in as (Sign out)
      You have left! (?) (thinking…)
      0 comments  ·  Advanced Security Management  ·  Flag idea as inappropriate…  ·  Admin →
    • Entering Participants/To/From Conditions

      I would like to see the active directory picker added back to the Content Search. This feature is essential to our eDiscovery queries in order to find the correct participants to include in searches. In order to accurately comply with FOIA demands we rely on this feature and now it's gone!!

      1 vote
      Vote
      Sign in
      Check!
      (thinking…)
      Reset
      or sign in with
      • facebook
      • google
        Password icon
        Signed in as (Sign out)
        You have left! (?) (thinking…)
        0 comments  ·  eDiscovery  ·  Flag idea as inappropriate…  ·  Admin →
      • Use message header properties in email supervision policies

        I would like to exclude bulk mail from email supervision policies. Would it be possible to use some properties in the email header for policy conditions? In our initial testing, we're getting a large amount of newsletters and other bulk content.

        1 vote
        Vote
        Sign in
        Check!
        (thinking…)
        Reset
        or sign in with
        • facebook
        • google
          Password icon
          Signed in as (Sign out)
          You have left! (?) (thinking…)
          0 comments  ·  Flag idea as inappropriate…  ·  Admin →
        • Spam notification - streamline functionality on email

          Spam Notification Message from quarantine@messaging.microsoft.com:
          Each action chosen on a spam message in the list opens a new browser window which is generally meaningless and is an annoyance

          Suggestion: 1. Have a selection for both the "release" and "report" action for each message

          2. Add a single button to "APPLY" actions at one time. - This eliminates the opening of a browser window for each individual action.

          Also, please clarify if "report" to Microsoft also releases the message to the inbox or not and vice-versa. Thank you!

          1 vote
          Vote
          Sign in
          Check!
          (thinking…)
          Reset
          or sign in with
          • facebook
          • google
            Password icon
            Signed in as (Sign out)
            You have left! (?) (thinking…)
            0 comments  ·  Spam & Phishing  ·  Flag idea as inappropriate…  ·  Admin →
          • Reduce Spam from "myself"

            Any mail from myself should be authenticated to go anywhere from or to me.
            This would reduce spoofed mail to myself almost to zero.

            1 vote
            Vote
            Sign in
            Check!
            (thinking…)
            Reset
            or sign in with
            • facebook
            • google
              Password icon
              Signed in as (Sign out)
              You have left! (?) (thinking…)
              0 comments  ·  Flag idea as inappropriate…  ·  Admin →
            • Enable auditing on the OOF feature

              Enable auditing on the OOF Feature. We had a case where the Out of Office kept getting turned off on a shared mailbox and there is no auditing capability for this. Please create auditing on the OOF, turning it on and off again and by whom.

              1 vote
              Vote
              Sign in
              Check!
              (thinking…)
              Reset
              or sign in with
              • facebook
              • google
                Password icon
                Signed in as (Sign out)
                You have left! (?) (thinking…)
                0 comments  ·  Auditing  ·  Flag idea as inappropriate…  ·  Admin →
              • Create report to pull a specific number of emails randomly from all selected user's email accounts.

                Need to be able to randomly pull specific number of emails from all selected users. This is to stay in compliance with our lawyers.

                1 vote
                Vote
                Sign in
                Check!
                (thinking…)
                Reset
                or sign in with
                • facebook
                • google
                  Password icon
                  Signed in as (Sign out)
                  You have left! (?) (thinking…)
                  0 comments  ·  eDiscovery  ·  Flag idea as inappropriate…  ·  Admin →
                • Block users being able to share link / content with 'Can Edit'

                  Currently user with edit (or above) permissions can share a link to content (documents or list items) and it default give the recipient 'Can Edit' rights.
                  This needs to be either 1) a feature you can disable, 2) at minimum set to 'Read Only' by default rather than 'can Edit'

                  At the moment users do not check if they have changed that setting and it allows in-controlled access to the site for people to edit without the owners permissions

                  1 vote
                  Vote
                  Sign in
                  Check!
                  (thinking…)
                  Reset
                  or sign in with
                  • facebook
                  • google
                    Password icon
                    Signed in as (Sign out)
                    You have left! (?) (thinking…)
                    0 comments  ·  Advanced Security Management  ·  Flag idea as inappropriate…  ·  Admin →
                  • Glitsch in the segregation of user database in GDPR

                    : When i today was managing the assigned user for the GDPR compliance in https://servicetrust.microsoft.com/FrameworkDetailV2/35413bd5-7b88-4356-b78f-e009dfa2ca4f is swiftly saw the userdatabase of a different tenant than mine on something dentalhealthservices... it was only visible for a few seconds. But i think there could be something wrong with the segregation of tenants in office 365 service trust portal.

                    The issue happened when i was clicking assign user and the screen that should have shown me my own user database. Instead i saw the other tenants user database for about 5 seconds, and it dissapeared again.

                    I was not able to recorde the…

                    1 vote
                    Vote
                    Sign in
                    Check!
                    (thinking…)
                    Reset
                    or sign in with
                    • facebook
                    • google
                      Password icon
                      Signed in as (Sign out)
                      You have left! (?) (thinking…)
                      0 comments  ·  Advanced Security Management  ·  Flag idea as inappropriate…  ·  Admin →
                    • Add Security & Compliance Category to Message Center

                      Updates to the Security & Compliance Center should be announced in the Office 365 Message Center and there should be a category for them so that Admins can include/exclude them

                      1 vote
                      Vote
                      Sign in
                      Check!
                      (thinking…)
                      Reset
                      or sign in with
                      • facebook
                      • google
                        Password icon
                        Signed in as (Sign out)
                        You have left! (?) (thinking…)
                        0 comments  ·  Flag idea as inappropriate…  ·  Admin →
                      • Export MFA user details like authentication method and mobile number used to verify account login.

                        This would help the admin know the Method used to validate MFA enabled user accounts.

                        1 vote
                        Vote
                        Sign in
                        Check!
                        (thinking…)
                        Reset
                        or sign in with
                        • facebook
                        • google
                          Password icon
                          Signed in as (Sign out)
                          You have left! (?) (thinking…)
                          0 comments  ·  Flag idea as inappropriate…  ·  Admin →
                        • Extend mailflow rules options add action : forward original e-mail content to recipient, but with stripped attachments

                          This is something that most anti-spam/virus security systems allow, but I cannot find a way to do this in exchange online.

                          For example, by default I do not trust any zips, nor the scanning of them. But 5% of zips are valid ones.

                          For the moment I can only send all ZIPs to quarantine and inform the recipient with a second command that they received "some kind of mail with a zip from someone".

                          This is too vague, I would rather the system would still send a copy of the original mail content to the recipient, but strip the zip…

                          1 vote
                          Vote
                          Sign in
                          Check!
                          (thinking…)
                          Reset
                          or sign in with
                          • facebook
                          • google
                            Password icon
                            Signed in as (Sign out)
                            You have left! (?) (thinking…)
                            0 comments  ·  Malware  ·  Flag idea as inappropriate…  ·  Admin →
                          • Stop requiring login to see news

                            We are tired of constantly logging in to see what's new and available to us.
                            When a mail is sent to me, I have to login as an admin to see the content.
                            Our tenant is heavily troubled with hackers.
                            I had to search Google to find a way to stop it, and also I found several links to security sub-pages on the Azure portal that I did not know about.
                            What about giving us the real news in the mail message, and also auto-add new config pages to the portal, we can always remove them later.
                            It's frustrating to…

                            1 vote
                            Vote
                            Sign in
                            Check!
                            (thinking…)
                            Reset
                            or sign in with
                            • facebook
                            • google
                              Password icon
                              Signed in as (Sign out)
                              You have left! (?) (thinking…)
                              0 comments  ·  Advanced Security Management  ·  Flag idea as inappropriate…  ·  Admin →
                            • Option to Enforce junk mail filter and not allow users to disable

                              Option to Enforce junk mail filter and disallow users to disable so sending spam in eop to users junk folder doesn't show up in inbox because user disabled the junk mail filter.

                              1 vote
                              Vote
                              Sign in
                              Check!
                              (thinking…)
                              Reset
                              or sign in with
                              • facebook
                              • google
                                Password icon
                                Signed in as (Sign out)
                                You have left! (?) (thinking…)
                                1 comment  ·  Spam & Phishing  ·  Flag idea as inappropriate…  ·  Admin →
                              • 1 vote
                                Vote
                                Sign in
                                Check!
                                (thinking…)
                                Reset
                                or sign in with
                                • facebook
                                • google
                                  Password icon
                                  Signed in as (Sign out)
                                  You have left! (?) (thinking…)
                                  0 comments  ·  Spam & Phishing  ·  Flag idea as inappropriate…  ·  Admin →
                                • 1 vote
                                  Vote
                                  Sign in
                                  Check!
                                  (thinking…)
                                  Reset
                                  or sign in with
                                  • facebook
                                  • google
                                    Password icon
                                    Signed in as (Sign out)
                                    You have left! (?) (thinking…)
                                    0 comments  ·  Spam & Phishing  ·  Flag idea as inappropriate…  ·  Admin →
                                  • Better management tools for ATP Safe Attachments

                                    There is no way to manage emails that are currently undergoing an attachment scan in ATP. If that service goes down or experiences performance issues, there should be a way to administratively release these attachments.

                                    1 vote
                                    Vote
                                    Sign in
                                    Check!
                                    (thinking…)
                                    Reset
                                    or sign in with
                                    • facebook
                                    • google
                                      Password icon
                                      Signed in as (Sign out)
                                      You have left! (?) (thinking…)
                                      0 comments  ·  Advanced Security Management  ·  Flag idea as inappropriate…  ·  Admin →
                                    • In change password page please provide some guidance text on success or fail

                                      In Office365 Change password page please add some guidance text when the operation of changing password was performed with success or with fail. It only have some guidance while typing the password (from javascript on client side) but there is now guidance after you slick Submit button. After submtit the page looks the same as first time you enter the page. I do not know if the change was performed with success and then to use the new password, or the change was failed and I should still use the old password.

                                      1 vote
                                      Vote
                                      Sign in
                                      Check!
                                      (thinking…)
                                      Reset
                                      or sign in with
                                      • facebook
                                      • google
                                        Password icon
                                        Signed in as (Sign out)
                                        You have left! (?) (thinking…)
                                        0 comments  ·  Flag idea as inappropriate…  ·  Admin →
                                      • Daily user quarantine report ability to change time

                                        The daily user quarantine report needs ability to change time to 9am. Currently my users are getting the reports at 9pm.
                                        I would like the ability to set time of user quarantine reports are sent and also frequency as once or twice a day.
                                        Thanks!
                                        William

                                        1 vote
                                        Vote
                                        Sign in
                                        Check!
                                        (thinking…)
                                        Reset
                                        or sign in with
                                        • facebook
                                        • google
                                          Password icon
                                          Signed in as (Sign out)
                                          You have left! (?) (thinking…)
                                          0 comments  ·  Reports  ·  Flag idea as inappropriate…  ·  Admin →
                                        • If Sending to multiple recipients, it would be nice of the tool tip still appeared at the top of the message.

                                          ATP Anti phising policy puts a neat Mailtip on top of the message for one recipient - if to many, it puts in the footer in plain text, right after our disclaimer. That is pretty worthless.

                                          1 vote
                                          Vote
                                          Sign in
                                          Check!
                                          (thinking…)
                                          Reset
                                          or sign in with
                                          • facebook
                                          • google
                                            Password icon
                                            Signed in as (Sign out)
                                            You have left! (?) (thinking…)
                                            0 comments  ·  Spam & Phishing  ·  Flag idea as inappropriate…  ·  Admin →
                                          • Don't see your idea?

                                          Feedback and Knowledge Base