Feedback by UserVoice

Office 365 Security & Compliance

We have partnered with UserVoice, a third-party service and your use of the portal and your submission is subject to the UserVoice Terms of Service & Privacy Policy. Please do not send any novel or patentable ideas, copyrighted materials, samples or demos for which you do not want to grant a license to Microsoft.

Welcome to the Security (Protection) & Compliance UserVoice forum. We’re happy you’re here! If you have suggestions or ideas on how to improve Security or Compliance related features in O365, we’d love to hear them!

How it works
◾Check out the ideas others have suggested and vote on your favorites
◾If you have a suggestion that’s not listed yet, submit your own — 25 words or less, please
◾Include one suggestion per post

Thanks for joining our community and helping improve these features in Office 365!

Need Tech Support? Please see the O365 Community for the product or feature you are having issues with, or open a support ticket through your Office 365 administrator portal.

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Provide Informational Popup indicating that it's not possible to upload a new APN Certificate when one is already installed.

    Please provide Informational Popup indicating that it's not possible to upload a new APN Certificate when one is already installed. As is, nothing happens when clicking the upload button after browsing and selecting the APN Certificate which led me to believe there was an issue with the "Install Apple Push Notification Certificate" wizard.

    Rather than reinstalling the APN, all I had to do was Renew the currently installed APN on the Apple Push Certificates Portal.

    Had there been a pop-up indicating that an APN already exists, I would've save myself and MS Support team sometime.

    Thanks!

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Compliance Manager  ·  Flag idea as inappropriate…  ·  Admin →
  2. app protection policies: allow the use of fingerprint sensor without the need for a pin-code

    app protection policies: allow the use of fingerprint sensor without the need for a pin-code

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Advanced Security Management  ·  Flag idea as inappropriate…  ·  Admin →
  3. Content Search and restore emails

    The content search needs to be able to included in the 'Recipients and Sender fields" email addresses that don't belong to the O365 domain you are in.

    Instead of the convoluted approach that restoring emails is currently, it would be nice if you could restore emails from the Content Search window itself. This would save time and tech hours in downloading the export and restoring one by one.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  eDiscovery  ·  Flag idea as inappropriate…  ·  Admin →
  4. Rollback option for exchange related services for administrators.

    The possibility for administrators to perform a rollback for i.e. calendars and e-mail inboxes etc.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  5. GeoLOC Blocking

    We are seeing failed login attempts to O365 for ourselves and our clients from across the globe as hackers exploit OSINT. Please give us and our client to block login's to our company's accounts by IP Geo Locatons.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Advanced Security Management  ·  Flag idea as inappropriate…  ·  Admin →
  6. Recovery of account is impossible if you forget your password and change email addresses

    I can give every detail of credit card but you keep saying not enough to verify account. I have spoke to an agent, no help. I have been to a store, no help. All I want id the tax invoice for the AU$129 dollar paid on 6 March. No one can send it to me.
    abf_secretary@live.com.au but I have no access to this email now

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  7. Obtain sign-out logs from O365 audit logs

    I would like to know how often internal users use O365. I would request for O365 audit logs to have a function to obtain sign-out logs for those users, so that I can check above.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Auditing  ·  Flag idea as inappropriate…  ·  Admin →
  8. Limit location specific sign in by user, not all or nothing, without having onsite servers.

    We would like to use the location specific sign in for most of our users. Just not the administrators. Also, we would like to do this without having onsite servers. These are expensive to maintain and we aren't a large enough company to afford these.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Advanced Security Management  ·  Flag idea as inappropriate…  ·  Admin →
  9. SharePoint online has an issue with the new skin where IRM protected documents over 30mb fail on upload.

    Changing to classic view resolves the issue, can you ensure that this bug is resolved for IRM as it causes inconvenience for users.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Message Encryption & Rights Management  ·  Flag idea as inappropriate…  ·  Admin →
  10. MFA Authenticator App Security with iPhone Multi-Touch Display

    With the iPhone multi-touch display (currently on the iPhone 7 and future) security is bypassed. I do not have to unlock my phone to respond to a request from the Azure Authenticator App which bypasses the security of the phone. Make it so that I have to unlock the phone before the authenticator app will respond. DUO MFA already does this and it works better.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Advanced Security Management  ·  Flag idea as inappropriate…  ·  Admin →
  11. 90 Temporary password email can be misleading

    When a user has their password set or reset, they get notification that says PW is TEMPORARY for 90 days REGARDLESS of the system wide PASSWORD NEVER EXPIRES option you may have turned on so it gives the end user erroneous and contradictory information than what the administrator may have told them.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  12. Better spam reporting options / instructions

    I can not (ever) find how to report spam in Microsoft Exchange. The instructions for reporting all refer to Outlook, and the options given do not work in Exchange. I have two messages I currently want to report that purport having come from Microsoft.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Spam & Phishing  ·  Flag idea as inappropriate…  ·  Admin →
  13. 1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Advanced Security Management  ·  Flag idea as inappropriate…  ·  Admin →
  14. Mailbox block delivery to client program

    According to the new data protection law in Spain and Europe, users have the right to digital disconnection of the company during the time they are outside the company and / or during the days of leave or vacation. If they request it individually, I should be able to prevent them from receiving emails on their mobile phones and laptops (if requested), during those moments. To comply with the law.
    How can I configure this in the Outlook panel. Office365.com for my company and my Exchange users?

    The answer is:
    To disconnect the exchange service, you can execute the following…

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  DLP & Transport Rules  ·  Flag idea as inappropriate…  ·  Admin →
  15. Changes in permissions in SCC should be visible in SCC audit log. It is not so currently... We were surprised to find that when one of our u

    Changes in SCC Permissions should be logged in SCC audit log. It is not so currently...
    We were surprised to find that when one of our users lost access rights (roles) to some actions in SCC, there was nothing in audit log. And when we renewed the access for him, there was again nothing in audit log. More details: Ticket 11034713.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Auditing  ·  Flag idea as inappropriate…  ·  Admin →
  16. Zero-Hour Auto Purge (ZAP) action status

    ZAP is not working (showing as failed) when a domain is on an allow list. Can you change the result to "not applicable" instead of failed? That would help identifying the root cause, because "failed" could also mean a service degradation.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  17. conditions

    The recent change to not allow search queries to be manually typed out in the Keyword box is negatively impacting the ability to run more complex searches in the Compliance Center eDiscovery searches. By only allowing search criteria to be added with Conditions boxes the ability to run more complex searches has been severely reduced. Please roll back this change and allow the researcher to either use the Conditions boxes or to manually write out the query using the searchable email property query language (as was the case for the past several years).

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  eDiscovery  ·  Flag idea as inappropriate…  ·  Admin →
  18. Extend The Office 365 Management API to include SharePoint 'DocumentID' in the Schema

    We have a business requirement that the Audit Logs (Office 365 Event and Audit Log) should include a SharePoint Document ID within the exported log. This allows our compliance teams to query the log's based on a Document ID and review the file actions, rather than using a ItemID or other GUID.

    Content-centric applications provide such functionality, but we have found that the Office 365 Management API provides some good benefits but does not provide the ability to extract the DocumentID against a file referenced within the Audit Logs that exists in SharePoint Online.

    It would be great if this…

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Auditing  ·  Flag idea as inappropriate…  ·  Admin →
  19. l

    post wot you have got would like a delivery please

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  DLP & Transport Rules  ·  Flag idea as inappropriate…  ·  Admin →
  20. Want to select a security group for the Add a condition option when creating a new alert policy

    If we could select a security group from the Add a condition option when creating a new alert policy via O365 Security & Compliance. If this option would be available, it would be more convenient when selecting multiple users.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Advanced Security Management  ·  Flag idea as inappropriate…  ·  Admin →
  • Don't see your idea?

Feedback and Knowledge Base