Feedback by UserVoice

Office 365 Security & Compliance

We have partnered with UserVoice, a third-party service and your use of the portal and your submission is subject to the UserVoice Terms of Service & Privacy Policy. Please do not send any novel or patentable ideas, copyrighted materials, samples or demos for which you do not want to grant a license to Microsoft.

Welcome to the Security (Protection) & Compliance UserVoice forum. We’re happy you’re here! If you have suggestions or ideas on how to improve Security or Compliance related features in O365, we’d love to hear them!

How it works
◾Check out the ideas others have suggested and vote on your favorites
◾If you have a suggestion that’s not listed yet, submit your own — 25 words or less, please
◾Include one suggestion per post

Thanks for joining our community and helping improve these features in Office 365!

Need Tech Support? Please see the O365 Community for the product or feature you are having issues with, or open a support ticket through your Office 365 administrator portal.

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. ATPを検知したとき、スパムフィルター同様、[件名行の先頭にテキストを追加する] 設定ができるようにしたい

    ATPを検知した際の動作に [モニター]などに加え、[件名行の先頭にテキストを追加する] をできるようにしたい
    トランスポートルールにて、ATPにて検知された特定の拡張子のファイルをバイパスする方法ならあるが、検知したATPすべてに対して[件名行の先頭にテキストを追加する] を設定したい

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Spam & Phishing  ·  Flag idea as inappropriate…  ·  Admin →
  2. Critical Bug at Customer Sites

    I've entered a bug issue (bug in new Office security feature), providing the details, and NO ONE has responded in any way. I was told that these issues are reviewed by the Office Dev Team.

    I need a response NOW. Customer sites are broken.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  3. Allowing filtering for what is listed in ‘Activity’ within the Search ‘Activities’ UI [https://protection.office.com/#/unifiedauditlog]

    The Search Activities within the 'Audit L:og Search' differ from the 'Activities' that are listed as results.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Auditing  ·  Flag idea as inappropriate…  ·  Admin →
  4. GDPR: Email addresses disclosure message in SharePoint Online

    External user are able to see email addresses using generic link: https://<tenant>-my.sharepoint.com/_forms/default.aspx.

    The email address appears in the body of the warning screen provided by the above link. Besides the email address, in the warning screen also appears the source link which can be modified by changing the UserID parameter. In this way, a user can generate the full list of email addresses registered in the corresponding site collection.

    This is considered a security breach in the perspective of some industries and also GDPR regulations.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  5. hover over links

    I am trying to get our users to hover over email links to check where they really go.

    This hovering doesn't show the URL in OWA!

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Advanced Security Management  ·  Flag idea as inappropriate…  ·  Admin →
  6. When a message is tagged as potential spam, spoof, etc allow the viewer to respond if it is spam, spoof, etc while viewing the email and use

    When a message is tagged as potential spam, spoof, etc allow the viewer to respond if it is spam, spoof, etc while viewing the email and use responses to make the identification process smarter (positive responses could cause tagging criteria to be updated).

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Advanced Security Management  ·  Flag idea as inappropriate…  ·  Admin →
  7. Birthday party | kitty party theme- Rihansh Eve N Planner

    Find best Birthday Party planner | kitty party planner near to your house in lucknow, then you come right place Rihansheve N Planner are best in that field. For more details visit:- https://www.scoop.it/topic/rihansheve-n-planner/p/4108884013/2019/07/09/birthday-party-kitty-party-theme

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  8. updates

    I just got an update and it was so woefully absent actual data as to what was updated and why (more of that no good written verbal social thing that is rampant in high tech) and now my outlook no longer works.
    HOW do I get actual information that is understandable about the updates before they are foisted upon me?
    Doesn't Microsoft know about consent?

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Advanced Security Management  ·  Flag idea as inappropriate…  ·  Admin →
  9. Change Swedish translation of "Business Justification" to something else

    When a user chooses to override a DLP rule and needs to give a business justification the get prompted with in Swedish "Jag har en affärsjustering" ("I have a business justification" in English). I'm not even sure if "affärsjustering" is a word so it's not a very good translation. It's not an easy sentence to translate correctly but the words "berättigande, rättfärdigande, anledning or motivering" is better translation of "Justification" and a change of the translation should be considered.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  DLP & Transport Rules  ·  Flag idea as inappropriate…  ·  Admin →
  10. SCC Admin Quarantine email releases to all recipients when "release to other people" field is left blank

    When releasing emails from the Quarantine, if the "to other recipients" option is chosen and left blank (which the tool allows) email is released to all recipients. There is no notification nor documentation about this. If I am choosing "other people" there is a clear intention not to release to original recipients.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Spam & Phishing  ·  Flag idea as inappropriate…  ·  Admin →
  11. ip address log

    my up address history

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Advanced Security Management  ·  Flag idea as inappropriate…  ·  Admin →
  12. Are there flags sent with diagnostic data to distinguish it from unsanctioned outgoing data sourced ffrom malware?

    The inclusion of an un unreplicable token having a checksum or other content validating feature with program feedback data would assist a system monitor scanning outgoing data looking for unsanctioned messages by reducing overhead and simplifying recognition logic to make it static to reduce maintenance overhead..

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Advanced Security Management  ·  Flag idea as inappropriate…  ·  Admin →
  13. Allow us to rewrite the Subject like your competitors have been doing for years

    when we encrypt a message we use a [secure] tag in the subject we want to remove that tag after the message gets encrypted, but you do not allow it

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  DLP & Transport Rules  ·  Flag idea as inappropriate…  ·  Admin →
  14. Manager Approval in Security and Compliance DLP rules

    When creating a DLP rule in S&C we do not see an option for forwarding to manager for approval. This option is available in Exchange Online's DLP rules and is necessary functionality for us. If this option could be added into S&C's DLP rules it would allow us to migrate away from Exchange Online's DLP.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Flag idea as inappropriate…  ·  Admin →
  15. Report on why Secore Score changes

    An explanation regarding why a Secure Score action has changed with no admin intervention, would be good.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  16. 3DES usage

    Spreadsheet of TLS 3DES usage needs a column for Cipher used. Showing us which protocol was used is ok, but knowing that Bob connected with TLS 1.0/1.1 doesn't tell us if the Cipher used was 3DES or not.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Compliance Manager  ·  Flag idea as inappropriate…  ·  Admin →
  17. Content Search report should what has triggered

    In Security and Compliance, Content Search, you can view a report or download a report. It should be nice if you could see what keyword of the query caused this document of mail to show up in the results. For example, I have one query that queries on BSN(social security number in the NL) and CV(resumé). When I look at a hit in the report, I don't know what keyword, BSN or CV, triggered this.
    I assume the answer is in this case to create two separate reports but I can imagine that you don't want to build that many…

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  eDiscovery  ·  Flag idea as inappropriate…  ·  Admin →
  18. Opt out and update preferences should completely remove email address from all future mailings

    Currently when a user opts out or unsubscribes or updates contact preferences they may still receive emails from Microsoft - can this be fixed so all emails are stopped completely ?

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Advanced Security Management  ·  Flag idea as inappropriate…  ·  Admin →
  19. View "configured" machines in Defender Security Center - Improvement Opportunities

    Currently in Defender Security Center, in the Improvement Opportunities section, it lists the misconfigured machines under each Security Control. You can click on the list of misconfigured machines but it would also be helpful if you could click on or list the "configured" machines.
    This would be very helpful when setting up different controls how to find what machines that are working correctly and what machines I need to investigate why they aren't reporting in.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Advanced Security Management  ·  Flag idea as inappropriate…  ·  Admin →
  20. Make the data on TLS-Deprecation-Report.csv to be accurate

    I would like the TLS deprecation report to show accurate data when downloading it from Service Trust Portal, because it contains a lot of data for non-impacted devices.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Reports  ·  Flag idea as inappropriate…  ·  Admin →
  • Don't see your idea?

Feedback and Knowledge Base