Office 365 Security & Compliance

We have partnered with UserVoice, a third-party service, and your use of the portal and your submission is subject to the UserVoice Terms of Service & Privacy Policy. Please do not send any novel or patentable ideas, copyrighted materials, samples or demos for which you do not want to grant a license to Microsoft.

Welcome to the Security (Protection) & Compliance UserVoice forum. We’re happy you’re here! If you have suggestions or ideas on how to improve Security or Compliance related features in O365, we’d love to hear them!

How it works
◾ Check out the ideas others have suggested and vote on your favorites
◾ If you have a suggestion that’s not listed yet, submit your own (25 words or less, please)
◾ Include one suggestion per post

Thanks for joining our community and helping improve these features in Office 365!

Need Tech Support? Please see the O365 Community for the product or feature you are having issues with, or open a support ticket through your Office 365 administrator portal.

  1. Outlook Configuration Pushed from O365

    One example may be configuring Trust Center settings through a client policy / GPO-like function. It would add tremendous value and could help the organizations that don’t have AD or have less experience managing their own AD.

    3 votes
    0 comments  ·  Advanced Security Management
  2. Report for Top Recipients in a specific mailbox

    A report that shows me the top recipients (from) of specific mailboxes.

    We already have a report that shows what mailbox receives/sends more messages, but I can't get more details and see who sends more messages to that specific mailbox.

    3 votes
    0 comments  ·  Reports
  3. Cloud App Security, change API call allowance

    Give Admins the ability to reduce the rate of API calls to Salesforce from Cloud App Security, as it can consume 90% of allowed daily rate, which is way too high. Please add more apps too.

    3 votes
    0 comments  ·  DLP & Transport Rules
  4. No SharePoint UI notification when attempting to delete a site under a retention policy

    When attempting to delete a SharePoint site that is currently under a Retention Policy to keep it, there is no notification in the UI that informs the user that the site cannot be deleted, or that it's part of a retention policy. (Modern Experience) Attempts to delete a site via PowerShell result in an error message, but the SP UI moves on as though the site were deleted.

    3 votes
    0 comments  ·  Compliance Manager
  5. Automatic sending of audit logs to one admin email on a schedule (weekly)

    Because there is a retention policy that deletes old logs, I need to keep them somewhere.

    3 votes
    0 comments  ·  Auditing
  6. OneDrive for Business - Allow guest access to a folder

    You can currently share a file with a person external to your organisation without them having to sign in to OneDrive with a Microsoft account first, by unchecking the 'require sign-in' checkbox. However, the 'require sign-in' checkbox is not available when you try to share a folder in this way. Please can this feature be added to OneDrive for Business.

    3 votes
    0 comments  ·  Advanced Security Management
  7. conditional

    As Office 365 E3 subscribers we are facing continual and increased threats daily from people trying to hack into user accounts. We've implemented lots of security inside our corporate network such as email and web filtering and made use of SSO/Modern authentication to make things as secure vs. seamless for our staff as much as possible.

    Next for us is 2FA. However with a highly secure corporate network we would only want to enforce 2FA for devices accessing 365 accounts outside of it. Azure Active Directory P1 is far too high a cost for us to justify just to get…

    3 votes
    0 comments  ·  Advanced Security Management
  8. Increase ATP SafeLinks character Limit

    ATP SafeLinks can be used to block malicious or other undesirable URLs and domains using a blocklist. The Security & Compliance portal puts a limit of 128 characters on links that can be blocked. We would like this limit to be lifted or increased, as we are seeing multiple instances of malicious links that are not blocked by ATP, and cannot be added manually.

    3 votes
    0 comments  ·  Spam & Phishing
  9. ATP Safe Links should not show the user the link when blocking

    Currently when a URL is blocked by Safe Links, the blocking screen shows a partial URL. A user can double-click that (to select all the text) and get the full URL and paste it into the browser, bypassing Safe Links completely. Give Admins the option to not let the user see the full URL that is being blocked, so they don't get clever and go around it this way.

    3 votes
    0 comments  ·  Spam & Phishing
  10. .

    .

    3 votes
    0 comments  ·  Auditing
  11. Secure Score real time update functionality

    Improve Secure Score real-time updates. It would be much better if, once they comply with all the requirements needed, the score were updated in real time.

    3 votes
    0 comments  ·  Advanced Security Management
  12. Reviewer Role

    (see case 15058078)
    Per all documentation, the purpose of the Reviewer role is to allow members to view and access case data in Advanced eDiscovery to which they have been assigned. However, a user assigned to the Reviewer role sees too much in the S&C Center.

    Based on least permissions, a Reviewer should only be able to see their Threat management (Quarantine) and the eDiscovery menu showing their case(s). Instead, they can currently view:
    Alerts
    Records Management (though empty)
    Data Governance (read only)
    Mail flow dashboard (though not populated due to error)
    Data privacy (GDPR dashboard and Data subject requests) …

    3 votes
    0 comments  ·  eDiscovery
  13. Attack Simulator - Ability to terminate any running attack

    Currently attack simulator doesn't have good UI functionality to terminate running attacks. Here is my scenario:

    I was using the Password Spray feature of attack simulator and trying to simulate a password spray across a large number of users. When I clicked finish to launch the attack I received an error message and it left me in the launch attack wizard UI. Assuming the error message meant the attack hadn't been launched, I tried changing the number of users and trying again a number of times, still receiving an error each time. After that I went back to the attackdetails…

    3 votes
    1 comment
  14. 3 votes
    0 comments
  15. Prevent users from logging in to the Azure portal

    The Office 365 user should not be able to log in to the Azure portal by default.

    3 votes
    0 comments  ·  Advanced Security Management
  16. Conditional digital signing of mails with S/MIME

    It would be useful to conditionally sign mail using an S/MIME certificate, maybe using a mail flow rule or some new tool.

    3 votes
    1 comment  ·  Message Encryption & Rights Management
  17. ATP not blocking basic 'use once' dynamic phishing attacks

    We are seeing more and more incidents of use-once dynamic phishing attacks. These always originate from a *.host site and always use JavaScript to exfiltrate data and then display a logon box that looks a lot like a genuine Office 365 logon box. Upon logging in, the user's creds are used to log onto Office 365 via SMTP/IMAP and then send out hundreds of emails.

    Why is ATP unable to pick these up? These have been doing the rounds for months now...

    3 votes
    0 comments  ·  Spam & Phishing
  18. Expanding policy-settings for unknown malware

    Issue: Very huge amount of false-negative detections as "unknown malware" on pdf and xls files (without macros!).

    Suggestion from MSFT: Creating a policy for the reaction to attachments that are considered as unknown malware.

    The only option there is, is to set a RECIPIENT out of our domain as "trusted", which means this recipient can receive ALL mails with unknown malware no matter where they are from - truly not what we want, that logic really bothers me.

    What we need is to set a SENDER as trusted.
    That might fall under "we need a whitelist", but I am only talking…

    3 votes
    0 comments  ·  DLP & Transport Rules
  19. Add Comment and Submitter fields to Spam Filter Allow/Block Lists

    When adding an entry to an Allow List or Block List in the Spam Filter, it would be helpful for tracking if there was a field for who entered it and why it was created. Over time an organization can get a lot of entries in here, and if there is a problem with one or an Admin wants to clean them out there is currently no real way to know why an entry is there or who put it there.
    My company just had an issue where some phishing emails were getting through due to an Allow entry, so…

    3 votes
    0 comments  ·  Spam & Phishing
  20. Allow Customization of Recipient no. in Mail Rule

    In Exchange Online, the current recipient limit is set as 500, which is not modifiable. Please allow customization of this property and let the customer decide the recipient limit for his domain.

    3 votes
    0 comments  ·  DLP & Transport Rules