Feedback by UserVoice

Office 365 Security & Compliance

We have partnered with UserVoice, a third-party service and your use of the portal and your submission is subject to the UserVoice Terms of Service & Privacy Policy. Please do not send any novel or patentable ideas, copyrighted materials, samples or demos for which you do not want to grant a license to Microsoft.

Welcome to the Security (Protection) & Compliance UserVoice forum. We’re happy you’re here! If you have suggestions or ideas on how to improve Security or Compliance related features in O365, we’d love to hear them!

How it works
◾Check out the ideas others have suggested and vote on your favorites
◾If you have a suggestion that’s not listed yet, submit your own — 25 words or less, please
◾Include one suggestion per post

Thanks for joining our community and helping improve these features in Office 365!

Need Tech Support? Please see the O365 Community for the product or feature you are having issues with, or open a support ticket through your Office 365 administrator portal.

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Not able to trace creator or for whom HIGH severity alert has been triggered however able to see for LOW severity alerts.

    Can you please provide a way how to find who has created that HIGH severity alert or for whom it's been created ? for the security concern.

    Able to trace user & creator for LOW severity alert but not for HIGH severity alert.

    Looking to here from your side!

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Auditing  ·  Flag idea as inappropriate…  ·  Admin →
  2. Extract mailbox last login

    This is basic functionality. We are not getting mailboxes last login date

    We tried checking in the Audit log but it is not giving the data what I am looking for and again it has limitation of 90 days.

    As a revalidation process we are re-checking wheater email ids disabled or not b

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Reports  ·  Flag idea as inappropriate…  ·  Admin →
  3. User cannot see "deleted site collection" event.

    User cannot see "deleted site collection" event in [Office 365 audit log report].
    It seems this feature is not supported yet, but the "deleted" event in [Office 365 audit log report] should be supplied since it is very important information for operation and maintenance for administrators. They feel disadvantage that the "deleted site collection" event is not provided although there is “SiteCollectionCreated” as operation in [Office 365 audit log report]. Please change the design.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Auditing  ·  Flag idea as inappropriate…  ·  Admin →
  4. Allow customers to customize DLP templates phrases when setting up mail tips? Default pop ups should be customizable and not by default.

    Change text in override situations for example in DLP Mail tips. Pop ups are all by default, we should be able to customize those pop ups with the phrases that we would like them to be.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  DLP & Transport Rules  ·  Flag idea as inappropriate…  ·  Admin →
  5. June 12, 2019: I have been trying to send emails through Constant Contact; they are going to the Junk Folder. the emails are not junk!

    June 12, 2019: I have been trying to send emails through Constant Contact and they are going to the Junk Folder when the emails are not junk!

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  6. Encrypting of email notification - Want to get notifications about email that users did not encrpyt..

    Want to get notified when users does not encrypt email. Not be notified that an encrypted email went out.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  DLP & Transport Rules  ·  Flag idea as inappropriate…  ·  Admin →
  7. Add Is Not Member of a Group in Message Transport Rules

    currently you only have rules that check for Member Of a group, please allow us to crate Transport Rules for Member Is Not in a group, this would really help

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  DLP & Transport Rules  ·  Flag idea as inappropriate…  ·  Admin →
  8. Option to disable common attachment types filter for internal mail only

    Today you can define common attachment types that will treat certain file types as malware. There should be an option in the malware policy that would ignore this filter for internal mail only, but treat such file types as usual for incoming external mail.

    As an example, ATP Safe Links have an option to ignore the mechanism for internal mail and so should the attachment filter.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Malware  ·  Flag idea as inappropriate…  ·  Admin →
  9. Include Center for Internet Security guidelines

    Create Azure Security and Compliance Blueprint based on CIS recommendations for MS Azure platform.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Compliance Manager  ·  Flag idea as inappropriate…  ·  Admin →
  10. Encryption report does not show active data.

    When I look at my encryption report, the data is not live, but is one day behind.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  11. Add "Sender is" in conditions or exceptions of DLP.

    Currently, the conditions and exceptions can be only applied to recipients. It will better if DLP support conditions and exceptions set to senders.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  DLP & Transport Rules  ·  Flag idea as inappropriate…  ·  Admin →
  12. Dynamic scoping rules for Teams DLP

    ability to create scoping rules to include Teams in a DLP policy based upon name or external share state.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  DLP & Transport Rules  ·  Flag idea as inappropriate…  ·  Admin →
  13. DLP Policy Sender domain exception

    I am not able to find sender domain in exception in DLP policy erlier it was available but right now it got removed

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  DLP & Transport Rules  ·  Flag idea as inappropriate…  ·  Admin →
  14. Stop third parties automatically populating calendars

    Currently according to Microsoft it is acceptable for a 3rd party who you have not shared your calendar with to populate it with a request, this leads to unwanted Spam appointments being booked provisionally and makes the calendar get clogged up with spam appointments.

    After spending days now with Microsoft trying to stop this , the answer is "events will populate the calendar is a normal behaviour of Outlook in Office 365"

    Simple solution would be to stop all 3rd party invites from automatically populating the calendar and only allow users that you have shared your calendar with add an…

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Spam & Phishing  ·  Flag idea as inappropriate…  ·  Admin →
  15. Quit blocking all hyperlinks, cant open any links in my email today that are safe

    revert whatever changes you guys made in the last day, as not a single email hyperlink will work, test before you deploy this stuff.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Advanced Security Management  ·  Flag idea as inappropriate…  ·  Admin →
  16. Provide ability to search and export 'Shared with me' items in OneDrive

    There are occasions when we would want to include those items shared with a OneDive user in the ‘Shared with me’ folder. It would be nice to have a way to include these in search results and any following eDiscovery exports.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  eDiscovery  ·  Flag idea as inappropriate…  ·  Admin →
  17. Dont for the alternative email address when you detect a suspicious login. My phone autosuggests the alternative

    When a suspicious login is detected don't show part of the alternative email address. Eg Pp*****@gmail.com because if someone has access to the users phone etc when those first two characters are typed Google autosuggests the email address. Making it easy for the thief to receive the security code. Doh!

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Advanced Security Management  ·  Flag idea as inappropriate…  ·  Admin →
  18. While typing MFA OTP Password , User should not able to see or it should be in ### or **** format

    While typing MFA OTP Password , User should not able to see or it should be in ### or **** format

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Advanced Security Management  ·  Flag idea as inappropriate…  ·  Admin →
  19. What are the rules applied on incoming messages?

    What are the rules applied on incoming messages? I have observed that out of two emails sent by me, one was delivered to Inbox while another one was quarantined.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  20. the email limition

    we have encounter a terrible case that cause by Microsoft O365 limited setting. we can not change this limited by any field. our user's email account has been compromised to sent out lot of spam mail. more than 10000, we have reset the password and unlock it out the "action center", but user still not able to send mail by Microsoft limited. That must be waiting 24 hours. Do you have any idea to process this temporary work around to let user can send mail out then we can do deep action to prevent the mail account be compromised.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Spam & Phishing  ·  Flag idea as inappropriate…  ·  Admin →
  • Don't see your idea?

Feedback and Knowledge Base