Feedback by UserVoice

Office 365 Security & Compliance

We have partnered with UserVoice, a third-party service and your use of the portal and your submission is subject to the UserVoice Terms of Service & Privacy Policy. Please do not send any novel or patentable ideas, copyrighted materials, samples or demos for which you do not want to grant a license to Microsoft.

Welcome to the Security (Protection) & Compliance UserVoice forum. We’re happy you’re here! If you have suggestions or ideas on how to improve Security or Compliance related features in O365, we’d love to hear them!

How it works
◾Check out the ideas others have suggested and vote on your favorites
◾If you have a suggestion that’s not listed yet, submit your own — 25 words or less, please
◾Include one suggestion per post

Thanks for joining our community and helping improve these features in Office 365!

Need Tech Support? Please see the O365 Community for the product or feature you are having issues with, or open a support ticket through your Office 365 administrator portal.

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Allow Tenant Block Control at admin portal

    Instead of blocking of all the emails inside the tenant without any prior notification,there should be mechanism to notify the tenant administrators about the suspicious activity (including details of which email id is compromised or behaving suspiciously) and then proceed with automated action.And after blocking of tenant also ,tenant admin should have rights at the admin center to unblock the tenant after going through the full suspicious activity report at their level.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Advanced Security Management  ·  Flag idea as inappropriate…  ·  Admin →
  2. O365 logs shows multiple login entries within a minute. Would could be the reason for such a Behavior

    O365 logs shows multiple login entries within a minute. Would could be the reason for such a Behavior

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Compliance Manager  ·  Flag idea as inappropriate…  ·  Admin →
  3. How about actually sending an email verification. I have tried using this for 5 days and still haven't received a damned thing.

    How about actually sending an email verification. I have tried using this for 5 days and still haven't received a damned thing.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  4. Add OR conditions to spam rules

    Add OR conditions to Spam rules. Currently, if you want to prevent spam, you can only add a rule with AND. This makes each condition less effective. If you get a match on one of them and not the rest, the spam gets through.

    We are getting bombarded with Dropbox phishing scams. They are coming with different TO, FROM, and SUBJECT information. The common factor is that one of those three usually contains the words "dropbox" "sharing" "connect@" or "box". But not always in the same field. And then the exception is the actual domain for dropbox, so that it…

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Spam & Phishing  ·  Flag idea as inappropriate…  ·  Admin →
  5. Mail Flow Map Report

    In the mail flow map report we are not able to view previous 4 days details. It says - No data available. Previous data beyond 4 days is visible. Last 72 hours data should be made available for customers

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  6. 1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  7. Get high-quality content writing services- suprams info solution

    Content writing services marketing communication, business writing, Excellent writing skills, must be a strategic thinker, able to develop key positioning, messages and narratives. For more query visit:- https://medium.com/@supramconsulting/creative-content-writing-services-by-suprams-info-solution-9439109daa0c

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Service Trust Portal  ·  Flag idea as inappropriate…  ·  Admin →
  8. Microsoft 365 NIST 800-171 Assessment in Compliance Manager

    Can you add the NIST 800-171 assessment in Compliance Manager for the product Microsoft 365?

    Right now the product list only includes: Azure, Azure Government, Dynamics, Office 365 and Professional Services. No M365 :(

    Thanks!

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Compliance Manager  ·  Flag idea as inappropriate…  ·  Admin →
  9. This is suggestion title

    Here is the description

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Advanced Security Management  ·  Flag idea as inappropriate…  ·  Admin →
  10. found Potential security gap in EOP, Restricted file types gets bypass malware filtering when inserted inside word doc

    Restricted file types gets bypass malware filtering when inserted inside word doc, what is the solution?
    .dll file inserted into word doc is getting bypassed without getting quarantined, however on premise
    Symantec mail security is able to quarantine such scenarios.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Malware  ·  Flag idea as inappropriate…  ·  Admin →
  11. it would be fantastic to have a notification system for article updates

    When an article is updated with useful info, such as what IP addresses that MS sends from externally. it would be nice to have a way to update concerned customers with that info. Otherwise angry customers become my alerting system.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Spam & Phishing  ·  Flag idea as inappropriate…  ·  Admin →
  12. Restrict customer network to access specific tenant.

    Due to some SOX audit´s that some customers must meet, we are facing problems to meet the restriction of customer network to be allowed to access specific tenant. Fail to meet this requirement let internal users to be able to connect to any office365 tenant inside customer network. And this is bad for audit´s. Google apps implemented this restriction trough some sort of tagging of headers to be sent to google tenants. https://support.google.com/a/answer/1668854?hl=en

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Auditing  ·  Flag idea as inappropriate…  ·  Admin →
  13. Provide Informational Popup indicating that it's not possible to upload a new APN Certificate when one is already installed.

    Please provide Informational Popup indicating that it's not possible to upload a new APN Certificate when one is already installed. As is, nothing happens when clicking the upload button after browsing and selecting the APN Certificate which led me to believe there was an issue with the "Install Apple Push Notification Certificate" wizard.

    Rather than reinstalling the APN, all I had to do was Renew the currently installed APN on the Apple Push Certificates Portal.

    Had there been a pop-up indicating that an APN already exists, I would've save myself and MS Support team sometime.

    Thanks!

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Compliance Manager  ·  Flag idea as inappropriate…  ·  Admin →
  14. app protection policies: allow the use of fingerprint sensor without the need for a pin-code

    app protection policies: allow the use of fingerprint sensor without the need for a pin-code

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Advanced Security Management  ·  Flag idea as inappropriate…  ·  Admin →
  15. Content Search and restore emails

    The content search needs to be able to included in the 'Recipients and Sender fields" email addresses that don't belong to the O365 domain you are in.

    Instead of the convoluted approach that restoring emails is currently, it would be nice if you could restore emails from the Content Search window itself. This would save time and tech hours in downloading the export and restoring one by one.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  eDiscovery  ·  Flag idea as inappropriate…  ·  Admin →
  16. Allow DLP Exclusion Based on Document name IE: DocumentName.xlsx

    To reduce the amount of DLP false positives that my organization receives, I would like the option to Exclude a document if the document name contains a keyword or phrase (IE: "Site Codes Tracking Sheet").

    This would allow for "Madison Site Codes Tracking Sheet" or "XXXX Site Codes Tracking Sheet" to not be flagged as a DLP policy violation.

    Currently one of the pre-built/default Sensitive Info Type we use is alerting on something that is very similar to the chosen Sensitive Info Type in the way it is formatted. We do not want to increase the match accuracy any higher…

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  DLP & Transport Rules  ·  Flag idea as inappropriate…  ·  Admin →
  17. Rollback option for exchange related services for administrators.

    The possibility for administrators to perform a rollback for i.e. calendars and e-mail inboxes etc.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  18. GeoLOC Blocking

    We are seeing failed login attempts to O365 for ourselves and our clients from across the globe as hackers exploit OSINT. Please give us and our client to block login's to our company's accounts by IP Geo Locatons.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Advanced Security Management  ·  Flag idea as inappropriate…  ·  Admin →
  19. Recovery of account is impossible if you forget your password and change email addresses

    I can give every detail of credit card but you keep saying not enough to verify account. I have spoke to an agent, no help. I have been to a store, no help. All I want id the tax invoice for the AU$129 dollar paid on 6 March. No one can send it to me.
    abf_secretary@live.com.au but I have no access to this email now

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  20. Obtain sign-out logs from O365 audit logs

    I would like to know how often internal users use O365. I would request for O365 audit logs to have a function to obtain sign-out logs for those users, so that I can check above.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Auditing  ·  Flag idea as inappropriate…  ·  Admin →
  • Don't see your idea?

Feedback and Knowledge Base