Feedback by UserVoice

Office 365 Security & Compliance

We have partnered with UserVoice, a third-party service and your use of the portal and your submission is subject to the UserVoice Terms of Service & Privacy Policy. Please do not send any novel or patentable ideas, copyrighted materials, samples or demos for which you do not want to grant a license to Microsoft.

Welcome to the Security (Protection) & Compliance UserVoice forum. We’re happy you’re here! If you have suggestions or ideas on how to improve Security or Compliance related features in O365, we’d love to hear them!

How it works
◾Check out the ideas others have suggested and vote on your favorites
◾If you have a suggestion that’s not listed yet, submit your own — 25 words or less, please
◾Include one suggestion per post

Thanks for joining our community and helping improve these features in Office 365!

Need Tech Support? Please see the O365 Community for the product or feature you are having issues with, or open a support ticket through your Office 365 administrator portal.

How can we improve compliance or protect your users better in Office 365?

You've used all your votes and won't be able to post a new idea, but you can still search and comment on existing ideas.

There are two ways to get more votes:

  • When an admin closes an idea you've voted on, you'll get your votes back from that idea.
  • You can remove your votes from an open idea you support.
  • To see ideas you have already voted on, select the "My feedback" filter and select "My open ideas".
(thinking…)

Enter your idea and we'll search to see if someone has already suggested it.

If a similar idea already exists, you can support and comment on it.

If it doesn't exist, you can post your idea so others can support it.

Enter your idea and we'll search to see if someone has already suggested it.

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Please do something about when an app takes too long to load. It is very frustrating, especially when you need to do something important

    I was going to use PowerPoint to create a presentation and it needs to be done as soon as possible, but every time I would click on the button, it still wouldn't work, even if I refreshed many times. I go back and forth to this site to check if it's working properly already but no. The others worked fine but not PowerPoint. I hope you'll do something about this. BTW I have no concerns about my internet connection as well

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: facebook google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Malware  ·  Flag idea as inappropriate…  ·  Admin →
  2. "Envelope-From" Option should be add in Content search.

    "Envelope-From" Option should be add in Content search. So Admin can search through the Envelope From address. When you search through from address the content search is not working for that specific spam emails.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: facebook google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Compliance Manager  ·  Flag idea as inappropriate…  ·  Admin →
  3. User intervention required to remove S/MIME Cert on external emails for OME to work

    External emails using automated rules invoke OME encryption but do not work when users have S/MIME cert automatically signing emails. Recipient cannot open unless they have outlook app. There should be a way to invoke a rule that can remove the signature based on criteria instead of the user having to do this manually. Removing the signature allows the recipient to "read the message".

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: facebook google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
  4. extract email logs (received and forward out) of O365 user that fulfill :

    Extract email logs (received and forward out) of O365 user that fulfill :
    1) Have forwarding email address set.
    2) Keep a copy of forwarded messages is unchecked.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: facebook google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Auditing  ·  Flag idea as inappropriate…  ·  Admin →
  5. Need to have export option under "Non-owner mailbox access Report" in EAC

    As per MS case-14335648 , we could not manage to have a powershell code to get the results for "Non-owner mailbox access Report" available in EAC. Can we have export option available in the UI? It would be easier to manage records of what all mailboxes were audited.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: facebook google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Auditing  ·  Flag idea as inappropriate…  ·  Admin →
  6. dotm files should be included in protection especially since I can't add my own definitions

    Today my boss received a .dotm file from an unknown person. Luckily he is smart enough not to open those files, but we should be able to have dotm files included in protection or at least add our own definitions since apparently it take a village to do this :/

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: facebook google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Malware  ·  Flag idea as inappropriate…  ·  Admin →
  7. 1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: facebook google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Spam & Phishing  ·  Flag idea as inappropriate…  ·  Admin →
  8. Subscription Bomb Awareness and Countermeasures

    I don't currently have any recommendations on how to actually prevent or recover from something like this; however, I think it's important that Microsoft be aware of the threat.

    This week I experienced a Subscription Bomb on my Office 365 Exchange account. My average inbound email count went from 30-40 to 700+ all at once. Upon investigating the emails, I confirmed that there was no continuity between relaying IP addresses, geographic locations or header text. These were all legitimate websites with a simple subscription form available. It appears as though there are malicious tools out there which will automatically sign…

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: facebook google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  9. O-365 is not updated with Public IP blacklist

    O-365 accepting emails from the IP which listed under public blacklist. Though sending IP is already blacklisted under public blacklist, Office-365 is accepting emails from that IP instead of rejecting.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: facebook google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Spam & Phishing  ·  Flag idea as inappropriate…  ·  Admin →
  10. FIX SIGN ON SCREEN FOR OME. YOU BROKE IT. YOu should not have to scroll rigght (or left) to see the sign in options.

    You should not have to scroll right (or left) to see the sign in options.
    At this moment, when clients choose to sign in and not use the one time pass-code, they see a blank screen, and if the don't scroll over they don't see the sign in options.
    Fix it.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: facebook google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
  11. I should be able to create a filter, rule, etc. for International email that has a bulk action that is seperate from any other rule or spam

    I should be able to create a filter, rule, etc. for International email that has a bulk action that is separate from any other rule or spam filter. I want to be able to quarantine or out right delete emails from countries with which we do not have any legitimate business.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: facebook google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Spam & Phishing  ·  Flag idea as inappropriate…  ·  Admin →
  12. Downloading custom reports takes too long to bring up the download interface in the Security & Compliance area.

    When downloading custom reports, it takes over 20 seconds for the download to even begin. One of my browsers timed out waiting for it.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: facebook google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Auditing  ·  Flag idea as inappropriate…  ·  Admin →
  13. Eslam Mohamed@tedata. Nat

    رابط التفعيل ماي تي داتا

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: facebook google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Advanced Security Management  ·  Flag idea as inappropriate…  ·  Admin →
  14. Entering Participants/To/From Conditions

    I would like to see the active directory picker added back to the Content Search. This feature is essential to our eDiscovery queries in order to find the correct participants to include in searches. In order to accurately comply with FOIA demands we rely on this feature and now it's gone!!

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: facebook google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  eDiscovery  ·  Flag idea as inappropriate…  ·  Admin →
  15. Use message header properties in email supervision policies

    I would like to exclude bulk mail from email supervision policies. Would it be possible to use some properties in the email header for policy conditions? In our initial testing, we're getting a large amount of newsletters and other bulk content.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: facebook google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  16. Spam notification - streamline functionality on email

    Spam Notification Message from quarantine@messaging.microsoft.com:
    Each action chosen on a spam message in the list opens a new browser window which is generally meaningless and is an annoyance

    Suggestion: 1. Have a selection for both the "release" and "report" action for each message

    2. Add a single button to "APPLY" actions at one time. - This eliminates the opening of a browser window for each individual action.

    Also, please clarify if "report" to Microsoft also releases the message to the inbox or not and vice-versa. Thank you!

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: facebook google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Spam & Phishing  ·  Flag idea as inappropriate…  ·  Admin →
  17. Reduce Spam from "myself"

    Any mail from myself should be authenticated to go anywhere from or to me.
    This would reduce spoofed mail to myself almost to zero.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: facebook google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  18. Enable auditing on the OOF feature

    Enable auditing on the OOF Feature. We had a case where the Out of Office kept getting turned off on a shared mailbox and there is no auditing capability for this. Please create auditing on the OOF, turning it on and off again and by whom.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: facebook google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Auditing  ·  Flag idea as inappropriate…  ·  Admin →
  19. Create report to pull a specific number of emails randomly from all selected user's email accounts.

    Need to be able to randomly pull specific number of emails from all selected users. This is to stay in compliance with our lawyers.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: facebook google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  eDiscovery  ·  Flag idea as inappropriate…  ·  Admin →
  20. Block users being able to share link / content with 'Can Edit'

    Currently user with edit (or above) permissions can share a link to content (documents or list items) and it default give the recipient 'Can Edit' rights.
    This needs to be either 1) a feature you can disable, 2) at minimum set to 'Read Only' by default rather than 'can Edit'

    At the moment users do not check if they have changed that setting and it allows in-controlled access to the site for people to edit without the owners permissions

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: facebook google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Advanced Security Management  ·  Flag idea as inappropriate…  ·  Admin →
  • Don't see your idea?

Feedback and Knowledge Base