Feedback by UserVoice

Office 365 Security & Compliance

We have partnered with UserVoice, a third-party service and your use of the portal and your submission is subject to the UserVoice Terms of Service & Privacy Policy. Please do not send any novel or patentable ideas, copyrighted materials, samples or demos for which you do not want to grant a license to Microsoft.

Welcome to the Security (Protection) & Compliance UserVoice forum. We’re happy you’re here! If you have suggestions or ideas on how to improve Security or Compliance related features in O365, we’d love to hear them!

How it works
◾Check out the ideas others have suggested and vote on your favorites
◾If you have a suggestion that’s not listed yet, submit your own — 25 words or less, please
◾Include one suggestion per post

Thanks for joining our community and helping improve these features in Office 365!

Need Tech Support? Please see the O365 Community for the product or feature you are having issues with, or open a support ticket through your Office 365 administrator portal.

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Office Online Archive - Set exemption for Calendar, Tasks, Flagged item

    Once you enable online archive for user mailbox, all items (mails, tasks, calendar, flagged mails, Notes) in mailbox are getting moved to online archive. Once Task, Calendar or flagged items are moved to Online Archive, it doesn't appear in to do list/bar or User doesn't receive any reminder for such tasks.
    Pl provide a filter while creating Archiving policy to exclude such items. If we can apply such a policy to specific users that would be great.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Compliance Manager  ·  Flag idea as inappropriate…  ·  Admin →
  2. Attack Simulator - Should use stored users personal information from their accounts, like birthdate, address, phone ETC for accuracy

    Attack Simulator - Should use stored users personal information from their accounts, like birthdate, address, phone ETC for accuracy trying to get their passwords

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Advanced Security Management  ·  Flag idea as inappropriate…  ·  Admin →
  3. Enable Folder Excludes in Exchange data policies

    In classic Policies I could create tags that excluded the Notes and Contacts (and other folders).
    We are migrating legacy users with large buy in to these areas of Outlook/Exchange. The ability to toggle those folders on/off would be great.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Advanced Security Management  ·  Flag idea as inappropriate…  ·  Admin →
  4. DLP Protection template for GDPR (France)

    Hello,

    Some default templates for DLP protection do not have associated keywords.
    Example: French identity card (CNI)

    https://docs.microsoft.com/fr-fr/office365/securitycompliance/what-the-sensitive-information-types-look-for#france-national-id-card-cni

    As a result, all documents containing a string of 12 consecutive digits go up in the DPL console as French identity card numbers.
    For other European countries there is a keyword test, but not for France.
    So I end up with hundreds of false positives.
    It would be nice if developers could check the default templates so that there is no such problem.
    This DLP protection is very important if we want to comply properly with the GDPR.

    Best regards.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  DLP & Transport Rules  ·  Flag idea as inappropriate…  ·  Admin →
  5. Tenant Wide Permission Report across all Site Collections

    I would like the ability to run a permission report against the entire tenant where I can check all site collections (and sub-sites) or specific site collections with an option to include or not include list and libraries. I've found PowerShell scripts to run against a single site collection but not the entire tenant. I need Site Collection address, site address, site owner, user login, and the permission granted,

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Auditing  ·  Flag idea as inappropriate…  ·  Admin →
  6. Teams Microsoft and Skype for Business

    Teams Microsoft and Skype for Business services the rutilite in Security the community Small Business, preservation and Protection on potencial the client in relation the Enterprise for production quality in conformidade the Marketing.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Service Trust Portal  ·  Flag idea as inappropriate…  ·  Admin →
  7. O365 logs shows multiple login entries within a minute. Would could be the reason for such a Behavior

    O365 logs shows multiple login entries within a minute. Would could be the reason for such a Behavior

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Compliance Manager  ·  Flag idea as inappropriate…  ·  Admin →
  8. How about actually sending an email verification. I have tried using this for 5 days and still haven't received a damned thing.

    How about actually sending an email verification. I have tried using this for 5 days and still haven't received a damned thing.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  9. Add OR conditions to spam rules

    Add OR conditions to Spam rules. Currently, if you want to prevent spam, you can only add a rule with AND. This makes each condition less effective. If you get a match on one of them and not the rest, the spam gets through.

    We are getting bombarded with Dropbox phishing scams. They are coming with different TO, FROM, and SUBJECT information. The common factor is that one of those three usually contains the words "dropbox" "sharing" "connect@" or "box". But not always in the same field. And then the exception is the actual domain for dropbox, so that it…

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Spam & Phishing  ·  Flag idea as inappropriate…  ·  Admin →
  10. Mail Flow Map Report

    In the mail flow map report we are not able to view previous 4 days details. It says - No data available. Previous data beyond 4 days is visible. Last 72 hours data should be made available for customers

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  11. 1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  12. Get high-quality content writing services- suprams info solution

    Content writing services marketing communication, business writing, Excellent writing skills, must be a strategic thinker, able to develop key positioning, messages and narratives. For more query visit:- https://medium.com/@supramconsulting/creative-content-writing-services-by-suprams-info-solution-9439109daa0c

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Service Trust Portal  ·  Flag idea as inappropriate…  ·  Admin →
  13. Microsoft 365 NIST 800-171 Assessment in Compliance Manager

    Can you add the NIST 800-171 assessment in Compliance Manager for the product Microsoft 365?

    Right now the product list only includes: Azure, Azure Government, Dynamics, Office 365 and Professional Services. No M365 :(

    Thanks!

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Compliance Manager  ·  Flag idea as inappropriate…  ·  Admin →
  14. This is suggestion title

    Here is the description

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Advanced Security Management  ·  Flag idea as inappropriate…  ·  Admin →
  15. found Potential security gap in EOP, Restricted file types gets bypass malware filtering when inserted inside word doc

    Restricted file types gets bypass malware filtering when inserted inside word doc, what is the solution?
    .dll file inserted into word doc is getting bypassed without getting quarantined, however on premise
    Symantec mail security is able to quarantine such scenarios.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Malware  ·  Flag idea as inappropriate…  ·  Admin →
  16. it would be fantastic to have a notification system for article updates

    When an article is updated with useful info, such as what IP addresses that MS sends from externally. it would be nice to have a way to update concerned customers with that info. Otherwise angry customers become my alerting system.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Spam & Phishing  ·  Flag idea as inappropriate…  ·  Admin →
  17. Restrict customer network to access specific tenant.

    Due to some SOX audit´s that some customers must meet, we are facing problems to meet the restriction of customer network to be allowed to access specific tenant. Fail to meet this requirement let internal users to be able to connect to any office365 tenant inside customer network. And this is bad for audit´s. Google apps implemented this restriction trough some sort of tagging of headers to be sent to google tenants. https://support.google.com/a/answer/1668854?hl=en

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Auditing  ·  Flag idea as inappropriate…  ·  Admin →
  18. Provide Informational Popup indicating that it's not possible to upload a new APN Certificate when one is already installed.

    Please provide Informational Popup indicating that it's not possible to upload a new APN Certificate when one is already installed. As is, nothing happens when clicking the upload button after browsing and selecting the APN Certificate which led me to believe there was an issue with the "Install Apple Push Notification Certificate" wizard.

    Rather than reinstalling the APN, all I had to do was Renew the currently installed APN on the Apple Push Certificates Portal.

    Had there been a pop-up indicating that an APN already exists, I would've save myself and MS Support team sometime.

    Thanks!

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Compliance Manager  ·  Flag idea as inappropriate…  ·  Admin →
  19. app protection policies: allow the use of fingerprint sensor without the need for a pin-code

    app protection policies: allow the use of fingerprint sensor without the need for a pin-code

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Advanced Security Management  ·  Flag idea as inappropriate…  ·  Admin →
  20. Content Search and restore emails

    The content search needs to be able to included in the 'Recipients and Sender fields" email addresses that don't belong to the O365 domain you are in.

    Instead of the convoluted approach that restoring emails is currently, it would be nice if you could restore emails from the Content Search window itself. This would save time and tech hours in downloading the export and restoring one by one.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  eDiscovery  ·  Flag idea as inappropriate…  ·  Admin →
  • Don't see your idea?

Feedback and Knowledge Base