Feedback by UserVoice

Office 365 Security & Compliance

We have partnered with UserVoice, a third-party service and your use of the portal and your submission is subject to the UserVoice Terms of Service & Privacy Policy. Please do not send any novel or patentable ideas, copyrighted materials, samples or demos for which you do not want to grant a license to Microsoft.

Welcome to the Security (Protection) & Compliance UserVoice forum. We’re happy you’re here! If you have suggestions or ideas on how to improve Security or Compliance related features in O365, we’d love to hear them!

How it works
◾Check out the ideas others have suggested and vote on your favorites
◾If you have a suggestion that’s not listed yet, submit your own — 25 words or less, please
◾Include one suggestion per post

Thanks for joining our community and helping improve these features in Office 365!

Need Tech Support? Please see the O365 Community for the product or feature you are having issues with, or open a support ticket through your Office 365 administrator portal.

How can we improve compliance or protect your users better in Office 365?

You've used all your votes and won't be able to post a new idea, but you can still search and comment on existing ideas.

There are two ways to get more votes:

  • When an admin closes an idea you've voted on, you'll get your votes back from that idea.
  • You can remove your votes from an open idea you support.
  • To see ideas you have already voted on, select the "My feedback" filter and select "My open ideas".
(thinking…)

Enter your idea and we'll search to see if someone has already suggested it.

If a similar idea already exists, you can support and comment on it.

If it doesn't exist, you can post your idea so others can support it.

Enter your idea and we'll search to see if someone has already suggested it.

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. audit trail delegate 'send as' 'send on behalf of'

    have the exchange online audit trail include events for granting/revoking 'send as' and 'send on behalf of' mailbox delegation permissions

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: facebook google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Auditing  ·  Flag idea as inappropriate…  ·  Admin →
  2. Users not getting prior intimation of Password Expiration notification

    We have done setting in office 365 admin - security setting for password expiration as 60 days expiration period and 14 days advance notWe have done setting in office 365 admin - security setting for password expiration as 60 days expiration period and 14 days advance notification to user on password expiration. User not getting such notification after expiration period and IT dept. has to reset each and every user password from admin ification to user on password expiration. User not getting such notification after expiration period and IT dept. has to reset each and every user password from admin…

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: facebook google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Compliance Manager  ·  Flag idea as inappropriate…  ·  Admin →
  3. Figure out why users get a Security Warning that outlook.office365.com has a bad certificate (issued to dsldevice.domain_notset.invalid).

    It's all in the title. Your service should not be trying to use such a certificate. Maybe check to see if a server has been taken over.

    This seems to happen about once ever 3 weeks or so.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: facebook google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  4. Use an email phishing engine that takes into account American vernacular as well as spelling and grammar.

    Foreign phishers, of which most seem to be, cannot master the idiosyncrasies of American vernacular and they even struggle with basic grammar and spelling. Since they are usually posing as legitimate American companies or professional individuals, create a machine learning engine that understands American vernacular then sanity check emails for violations of the learned rules of the vernacular. Microsoft likely already has a usable machine learning capaability already (bot Tay for example). Time to stop playing with that technology and start using it!

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: facebook google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Spam & Phishing  ·  Flag idea as inappropriate…  ·  Admin →
  5. 1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: facebook google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  6. ATPを検知したとき、スパムフィルター同様、[件名行の先頭にテキストを追加する] 設定ができるようにしたい

    ATPを検知した際の動作に [モニター]などに加え、[件名行の先頭にテキストを追加する] をできるようにしたい
    トランスポートルールにて、ATPにて検知された特定の拡張子のファイルをバイパスする方法ならあるが、検知したATPすべてに対して[件名行の先頭にテキストを追加する] を設定したい

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: facebook google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Spam & Phishing  ·  Flag idea as inappropriate…  ·  Admin →
  7. Critical Bug at Customer Sites

    I've entered a bug issue (bug in new Office security feature), providing the details, and NO ONE has responded in any way. I was told that these issues are reviewed by the Office Dev Team.

    I need a response NOW. Customer sites are broken.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: facebook google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  8. Allowing filtering for what is listed in ‘Activity’ within the Search ‘Activities’ UI [https://protection.office.com/#/unifiedauditlog]

    The Search Activities within the 'Audit L:og Search' differ from the 'Activities' that are listed as results.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: facebook google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Auditing  ·  Flag idea as inappropriate…  ·  Admin →
  9. GDPR: Email addresses disclosure message in SharePoint Online

    External user are able to see email addresses using generic link: https://<tenant>-my.sharepoint.com/_forms/default.aspx.

    The email address appears in the body of the warning screen provided by the above link. Besides the email address, in the warning screen also appears the source link which can be modified by changing the UserID parameter. In this way, a user can generate the full list of email addresses registered in the corresponding site collection.

    This is considered a security breach in the perspective of some industries and also GDPR regulations.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: facebook google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  10. hover over links

    I am trying to get our users to hover over email links to check where they really go.

    This hovering doesn't show the URL in OWA!

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: facebook google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Advanced Security Management  ·  Flag idea as inappropriate…  ·  Admin →
  11. When a message is tagged as potential spam, spoof, etc allow the viewer to respond if it is spam, spoof, etc while viewing the email and use

    When a message is tagged as potential spam, spoof, etc allow the viewer to respond if it is spam, spoof, etc while viewing the email and use responses to make the identification process smarter (positive responses could cause tagging criteria to be updated).

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: facebook google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Advanced Security Management  ·  Flag idea as inappropriate…  ·  Admin →
  12. Change Swedish translation of "Business Justification" to something else

    When a user chooses to override a DLP rule and needs to give a business justification the get prompted with in Swedish "Jag har en affärsjustering" ("I have a business justification" in English). I'm not even sure if "affärsjustering" is a word so it's not a very good translation. It's not an easy sentence to translate correctly but the words "berättigande, rättfärdigande, anledning or motivering" is better translation of "Justification" and a change of the translation should be considered.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: facebook google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  DLP & Transport Rules  ·  Flag idea as inappropriate…  ·  Admin →
  13. SCC Admin Quarantine email releases to all recipients when "release to other people" field is left blank

    When releasing emails from the Quarantine, if the "to other recipients" option is chosen and left blank (which the tool allows) email is released to all recipients. There is no notification nor documentation about this. If I am choosing "other people" there is a clear intention not to release to original recipients.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: facebook google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Spam & Phishing  ·  Flag idea as inappropriate…  ·  Admin →
  14. Safelinks not rewriting URLs

    Hi,

    Apparently if the sender composes ANY URL without pressing space or Enter after and then sends the Email directly, the recipient would receive the email with URL not rewritten and clickable directly.

    I assume most spammers know this by now and use this method to bypass the ATP safelinks mechanism.

    Yesterday we recieved a spam mail with a malicious URL which was not rewritten due it did not contain a href link.

    I checked this with o365 support and they confirmed explanation above.

    I realize there is some technical difficulty in solving this matter but this needs to be…

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: facebook google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    2 comments  ·  Spam & Phishing  ·  Flag idea as inappropriate…  ·  Admin →
  15. ip address log

    my up address history

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: facebook google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Advanced Security Management  ·  Flag idea as inappropriate…  ·  Admin →
  16. Are there flags sent with diagnostic data to distinguish it from unsanctioned outgoing data sourced ffrom malware?

    The inclusion of an un unreplicable token having a checksum or other content validating feature with program feedback data would assist a system monitor scanning outgoing data looking for unsanctioned messages by reducing overhead and simplifying recognition logic to make it static to reduce maintenance overhead..

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: facebook google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Advanced Security Management  ·  Flag idea as inappropriate…  ·  Admin →
  17. Allow us to rewrite the Subject like your competitors have been doing for years

    when we encrypt a message we use a [secure] tag in the subject we want to remove that tag after the message gets encrypted, but you do not allow it

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: facebook google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  DLP & Transport Rules  ·  Flag idea as inappropriate…  ·  Admin →
  18. Report on why Secore Score changes

    An explanation regarding why a Secure Score action has changed with no admin intervention, would be good.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: facebook google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  19. 3DES usage

    Spreadsheet of TLS 3DES usage needs a column for Cipher used. Showing us which protocol was used is ok, but knowing that Bob connected with TLS 1.0/1.1 doesn't tell us if the Cipher used was 3DES or not.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: facebook google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Compliance Manager  ·  Flag idea as inappropriate…  ·  Admin →
  20. Content Search report should what has triggered

    In Security and Compliance, Content Search, you can view a report or download a report. It should be nice if you could see what keyword of the query caused this document of mail to show up in the results. For example, I have one query that queries on BSN(social security number in the NL) and CV(resumé). When I look at a hit in the report, I don't know what keyword, BSN or CV, triggered this.
    I assume the answer is in this case to create two separate reports but I can imagine that you don't want to build that many…

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: facebook google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  eDiscovery  ·  Flag idea as inappropriate…  ·  Admin →
  • Don't see your idea?

Feedback and Knowledge Base