Feedback by UserVoice

Office 365 Security & Compliance

We have partnered with UserVoice, a third-party service and your use of the portal and your submission is subject to the UserVoice Terms of Service & Privacy Policy. Please do not send any novel or patentable ideas, copyrighted materials, samples or demos for which you do not want to grant a license to Microsoft.

Welcome to the Security (Protection) & Compliance UserVoice forum. We’re happy you’re here! If you have suggestions or ideas on how to improve Security or Compliance related features in O365, we’d love to hear them!

How it works
◾Check out the ideas others have suggested and vote on your favorites
◾If you have a suggestion that’s not listed yet, submit your own — 25 words or less, please
◾Include one suggestion per post

Thanks for joining our community and helping improve these features in Office 365!

Need Tech Support? Please see the O365 Community for the product or feature you are having issues with, or open a support ticket through your Office 365 administrator portal.

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. report message additional mailbox

    The Report Message add in is great, but there is a limitation around not supporting additional mailboxes (shared\functional). Would be great if this add-in could support additional mailboxes as well as the primary mailbox.

    70 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    4 comments  ·  Spam & Phishing  ·  Flag idea as inappropriate…  ·  Admin →
  2. End-user Spam Notifications by User or Group

    Have the ability to configure End-User Spam Notification by User or by Group. Currently we use a 3rd product to handle spam blocking and it sends a daily email with a list of blocked spam. Not all of our users care to receive this email so we would like to be able to control this feature within Office 365 but have the ability to configure which users want to receive the daily spam list or not. Currently Office 365 only let this be done by domain names. The ability to control who gets these notification should be able to be…

    69 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Spam & Phishing  ·  Flag idea as inappropriate…  ·  Admin →
  3. Office 365 Online Archive - Need Folder Views for Archived Task and Calendar Items

    When Task and Calendar items are archived to the Online Archive there is no easy way to view or distinguish these item from the Office 365 Online version of Outlook, the Outlook client folder view needs to be used. For generic email accounts that multiple people need to access, using the Outlook client is not a viable option or solution. Would it be possible to create and option to allow one to filter the Task and Calendar items when creating an archive policy? Or to provided a filter or search option for Task an Calendar items once they have been…

    68 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    5 comments  ·  Flag idea as inappropriate…  ·  Admin →
  4. Allow adding metadata fields to pending disposition reports

    Pending disposition and completed disposition reports are lacking metadata required to be captured by Government organisations for all disposed documents. Can we have the following metadata fields available in all disposition reports exported from Office 365:
    • Unique identifier (document ID number)
    • File name
    • Date created
    • Creator/Author
    • Date last modified
    • Last modified by
    • Date of disposal
    • Disposal label
    • Disposed by

    It would be even better if system admins could add/remove metadata fields from all disposition reports.

    Unfortunately, until these fields become available in Office 365 disposition reports, document disposal won’t meet the…

    67 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
  5. Recall message in OWA

    In OWA, there is currently no option to recall a message. We have the option with Office 2013 and Office 2016, but not OWA. This would be a great addition to OWA and further HIPAA compliance to have the ability to recall a message from OWA and receive both failure and succesful recall notifications.

    67 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    2 comments  ·  Flag idea as inappropriate…  ·  Admin →
  6. Keyword Query Limit needs Increase

    A keyword limit of 20 terms has recently been instituted in the Compliance Center eDiscovery searches. This limit is far too low and should be returned to an unlimited number of keywords (or at least a much higher limit like 100 keywords). This is negatively impacting the ability to do more complex searches in the Compliance Center.

    66 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    6 comments  ·  eDiscovery  ·  Flag idea as inappropriate…  ·  Admin →
  7. Allow end users to release, delete, report via End User Spam Notification

    Recently, End User Spam Notification was modified and now end users are unable to "Release", "Block" quarantined spam emails from End User Spam Notification mail.

    I understand that end users must navigate to Security Compliance Center to do so, but I would like to do so from End User Spam Notification mail, so I want an option to bring back the old style End User Spam Notification.

    66 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    3 comments  ·  Spam & Phishing  ·  Flag idea as inappropriate…  ·  Admin →
  8. Advanced Threat Protection (ATP) - Allow to create custom malware alert notifications

    We need send a customized notification email message to recipients or administrators when a malware was detected by Safe Attachments.

    65 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    2 comments  ·  Malware  ·  Flag idea as inappropriate…  ·  Admin →
  9. Threat Protection not scanning links within attachments

    Advanced Threat Protection is not blocking phishing links within attachments. These links are coming through in a higher frequency as pdf attachments which are scanned by ATP and in turn are allowed through because they are clean attachments, but the links embedded within these pdf files are going to phishing websites and people are clicking on them. ATP is not blocking these links. Please fix ASAP!!!

    64 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    3 comments  ·  Spam & Phishing  ·  Flag idea as inappropriate…  ·  Admin →
  10. Allow O365 Activation when UseOnlineContent is Set to 0

    Below describes the function of the policy. However, setting to 0 blocks Activation. Please change this to allow a value of 0 to allow activation but still block online services.

    Set the value of UseOnlineContent to one of the following (To remove the connected services, set the value as 0. To recover the connected services, set the value as 2):
    UseOnlineContent value Value type Description

    0 DWORD Do not allow user to access Office 2016 resources on the Internet.

    1 DWORD Allow user to opt in to access of Office 2016 resources on the Internet.

    2 DWORD (Default) Allows the…

    64 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    2 comments  ·  Flag idea as inappropriate…  ·  Admin →
  11. incident

    Fix ATP Threat Explorer Incident Reporting

    We would like to use ATP Threat Explorer to mitigate phishing messages coming into our environment. The incident reporting does not build confidence in the tool. As an example I recently used it to hard delete 6 messages from our environment. The incident report did not give data for two full days. When it did, it reported status "Failed". However, looking at the report details, all six messages show hard delete status "Success", with no failures. Accurate and timely reporting of incident results will build confidence in the ATP Threat Explorer tool.

    64 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    2 comments  ·  Reports  ·  Flag idea as inappropriate…  ·  Admin →
  12. Allow content search to be able to query emails sent to any external recipients

    At the moment you only have the option to do a content search query for:

    Recipients/To: contains any of, doesn't contain any of, equals any of, & doesn't equal any of

    if your domain is @abc.com and you select to query recipients/to - doesn't contain any of/doesn't equal any of "@abc.com" it will find all emails sent to external users BUT will exclude all email sent to external users with a cc/bcc @abc.com

    64 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    5 comments  ·  Advanced Security Management  ·  Flag idea as inappropriate…  ·  Admin →
  13. Log Audit Log Searches and Exports in Audit Log

    Every global Admin can access the audit log - there is no way to control the usage of the Audit log !
    Audit Log can contain sensible user data and every global Admin can access this information without any documentation.
    So please log every search in Audit Log - who has searched what.

    64 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Auditing  ·  Flag idea as inappropriate…  ·  Admin →
  14. Specific quarantine permissions

    It would be great to allow specific rights for a user to access quarantine and see all users quarantined email. Like a delegated quarantine admin without the rest of the admin rights. This would really help us. I don't feel I can give a user full admin rights just to look at and release quarantined email.

    63 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    8 comments  ·  Spam & Phishing  ·  Flag idea as inappropriate…  ·  Admin →
  15. message trace by domain

    Please allow tracing any email sent by domain, for when you don't have a specific sender's email address. Thanks.

    63 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Message Trace  ·  Flag idea as inappropriate…  ·  Admin →
  16. Improve the create preservation policy wizard in the Compliance Center

    Adding Preservation Policies for Sharepoint and OneDrive is to time consuming. There needs to be an easier option to preserve all users drives and SharePoint Sites.

    The current wizard is 9 pages and you need to have the exact address of the users site to add each one. It would take months for me to add all of my users in this way.

    Preservation policies for Mailboxes at least let you search and select all to add them, so it would take considerably less time to complete. That would be at least a modest improvement.

    63 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    6 comments  ·  Flag idea as inappropriate…  ·  Admin →
  17. enable the adjustment of time zone for message trace tool

    Hello.I suggest the Time zone on the message trace tool should be adjustable for administrators.This will enable the administrators to view mails trace in their local time as real time.

    Thank you

    63 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    5 comments  ·  Message Trace  ·  Flag idea as inappropriate…  ·  Admin →
  18. Advanced Threat Protection (ATP) - The Safe Link protection WARNING page need customization access (to add comment and company logo)

    Please consider to add comment as well as company logo in the Safe Link WARNING page.

    Users expecting that cause they are also purchasing the service.

    62 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    3 comments  ·  Spam & Phishing  ·  Flag idea as inappropriate…  ·  Admin →
  19. Allow Security and Compliance Features to be scoped

    Features such as ediscovery, legal holds and message tracking that have moved into the security and compliance center are not able to be scoped. i.e. delegated admins can search all mailboxes instead of the mailboxes within the domains that they have access to.

    62 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    2 comments  ·  Flag idea as inappropriate…  ·  Admin →
  20. Retention Compliance Rule - Exclude Item Classes

    Provide the capability to exclude item classes from a Retention Compliance Rule. This will allow for excluding Notes, Tasks, and Calendar items

    MS has published articles detailing how to do this for hold policies dating back to January of 2018, but the cmdlets still do not exist.

    https://support.office.com/en-us/article/overview-of-retention-policies-5e377752-700d-4870-9b6d-12bfc12d2423

    Set-RetentionComplianceRule [-ExcludedItemClasses <MultiValuedProperty>

    62 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
  • Don't see your idea?

Feedback and Knowledge Base