Feedback by UserVoice

Office 365 Security & Compliance

We have partnered with UserVoice, a third-party service and your use of the portal and your submission is subject to the UserVoice Terms of Service & Privacy Policy. Please do not send any novel or patentable ideas, copyrighted materials, samples or demos for which you do not want to grant a license to Microsoft.

Welcome to the Security (Protection) & Compliance UserVoice forum. We’re happy you’re here! If you have suggestions or ideas on how to improve Security or Compliance related features in O365, we’d love to hear them!

How it works
◾Check out the ideas others have suggested and vote on your favorites
◾If you have a suggestion that’s not listed yet, submit your own — 25 words or less, please
◾Include one suggestion per post

Thanks for joining our community and helping improve these features in Office 365!

Need Tech Support? Please see the O365 Community for the product or feature you are having issues with, or open a support ticket through your Office 365 administrator portal.

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. threat management dashboard

    Email submissions not visible on the Threat Management Dashboard. Especially when sent in .eml format to phish@office365.microsoft.com

    2 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Spam & Phishing  ·  Flag idea as inappropriate…  ·  Admin →
  2. Get-User does not show default authentication policy

    When you set an exchange default authentication policy the default authentication policy is assigned to all users who don't already have a specific policy assigned to them. However when you query Get-User their policy is null. It should show (default) so admins know if a user has a policy set.

    2 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Reports  ·  Flag idea as inappropriate…  ·  Admin →
  3. Threat Management Policies break and cannot be edited or deleted if policy name contains invalid characters.

    Example: Name an ATP Anti-phishing policy with comma "," characters:

    Example Policy Name that works: Name01 Name02 Name03
    Example Policy Name that breaks edit and delete: "Name01, Name02, Name03"

    Repro Steps:
    1. Login to Security and Compliance Center: (https://protection.office.com/#/)
    2. Click on "Threat Management"
    3. Click on "Policy"
    4. Click on "ATP anti-phishing" (https://protection.office.com/#/antiphishing)
    5. Click "Create"
    6. Name your policy: Name01, Name02, Name03
    7. Continue with Policy Wizard and click "Create this policy".
    8. Once policy has been created, check box the policy "Name01, Name02, Name03"
    9. When pop-up menu appears, click "Edit policy".
    Error:…

    2 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Spam & Phishing  ·  Flag idea as inappropriate…  ·  Admin →
  4. 2 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Malware  ·  Flag idea as inappropriate…  ·  Admin →
  5. Need an improvement for an issue that file contents which is shared with users via Microsoft Teams cannot be audited

    It is inconvenient that I can’t audit file contents shared with users via Microsoft Teams, and I would like to request to improve this behavior.
    For example, I’d like to see whether our company confidential files are disclosed by checking audit log to see the files shared via Microsoft Teams by users.
    Or I would like you to provide a setting option to disable the file attaching function in Microsoft Teams. Otherwise it impacts our business because it becomes difficult for me to allow users to share files, which is inconvenient. Also, I need to inhibit using Office 365 group…

    2 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Auditing  ·  Flag idea as inappropriate…  ·  Admin →
  6. safe link didn't work at the moment receive the email with suspicious link and click through that link

    safe link didn't work at the moment receive the email with suspicious link and click through that link.

    the link will be rewritten after some time.

    why this not work at the moment email arrived?

    2 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  7. Exchange Online Advanced Threat Protection - Excess of Timeouts

    We have recently suffered several bouts of emails simply timing out through Exchange Online Advanced Threat Protection. This has taken place during a pilot for the system in our organisation and has not instilled us with confidence to use it. When dealing with Microsoft Support we have been informed that other tenancies/customers were experiencing the same problem and that Product Engineering had investigated and the problem was resolved only for the problem to reoccur a few days later with the same response.
    There is no System Health Status in the O365 Portal for ATP, can this be added so that…

    2 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Malware  ·  Flag idea as inappropriate…  ·  Admin →
  8. Encrypt local hard drives/files subscribing to Office 365 (BitLocker for 365)

    Users who subscribe to Office 365 should have encrypted hard drives (I think Office Enterprise offers this) - in the event laptops are lost/stolen, local data is encrypted

    2 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Advanced Security Management  ·  Flag idea as inappropriate…  ·  Admin →
  9. Exchange Online Alerts similar to OneDrive "..recently deleted a large number of.."

    When I delete a large number of files in my OneDrive, SharePoint will email me saying "Heads up! We noticed that you recently deleted a large number of files from your OneDrive".

    I am looking for this sort of feature, but for Exchange Online and when any user deletes a large number of items from their Deleted Items folder, the admins could be emailed with an alert.

    Currently I see no settings for the Alerts in Security & Compliance for this activity.

    This would help in the event someone leaves the company 'sour' and wipes their entire mailbox. Rather than…

    2 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  10. Can you give your opinion to baseStriker Attack?

    I have beed asked by the Security department related the following Topic described in the links below:

    https://www.avanan.com/resources/basestriker-vulnerability-office-365
    https://thehackernews.com/2018/05/microsoft-safelinks-phishing.html
    https://securityaffairs.co/wordpress/72279/hacking/basestriker-attack-technique.html

    Security researchers at cloud security company Avanan have discovered a technique, dubbed baseStriker, used by threat actors in the wild to bypass the Safe Links security feature of Microsoft Office 365.

    The Safe Links feature is designed by Microsoft to protect Office users from malicious codes and phishing attacks, it is part of Microsoft’s Advanced Threat Protection (ATP).

    Beginning in late October 2017, ATP Safe Links protection is being extended to apply to web addresses (URLs) in email as well…

    2 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Malware  ·  Flag idea as inappropriate…  ·  Admin →
  11. Delete unused shared easily

    Need a way to delete unused shares with a batch / automatic job. A builtin report showing those unused share would also be nice

    2 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Auditing  ·  Flag idea as inappropriate…  ·  Admin →
  12. enable touch ID with Sharepoint mobile (Outlook mobile has it)

    enable touch ID with Sharepoint mobile (Outlook mobile has it)

    2 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Advanced Security Management  ·  Flag idea as inappropriate…  ·  Admin →
  13. Search option for identifying malware domains in Office 365 Admin panel

    How do we identify in O365 Admin panel about domain being marked as malware. Recently we had hard time in identifying this and O365 support team took 10 days to find this resolution for our mails being marked as PHISH instead of SPAM.

    2 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Spam & Phishing  ·  Flag idea as inappropriate…  ·  Admin →
  14. Add the ability to filter real-time reports by the custom anti-phishing policy so that we can see the amount and which emails are impacted.

    This report is within Security and Compliance>Threat Management.

    It currently only shows the technology, the protection policy is listed as a code which is impossible to decipher. There is no way to tell if it as result of a custom anti-phishing policy. It only implies the technology.

    2 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Reports  ·  Flag idea as inappropriate…  ·  Admin →
  15. Send a notification when a Global Admin changed the specific Company resources, such as mailbox or account in Office 365 Security & Complian

    Please add a feature to send a notification to monitor if Global Admin changes the certain tenant information to avoid the unexpected change on users or mailboxes.

    2 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Advanced Security Management  ·  Flag idea as inappropriate…  ·  Admin →
  16. MS Stream - Default change to share option

    Alter the current default section of share with 'everyone in the business' to 'only me' to avoid employees accidentally sharing personal and/or sensitive data with the entire organisation.

    2 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Compliance Manager  ·  Flag idea as inappropriate…  ·  Admin →
  17. Security / Compliance Center Junk E-mail IP block does not appear in Show Detailed Table

    Security / Compliance Center Junk E-mail IP block does not appear in Show Detailed Table

    セキュリティ/コンプライアンスセンター迷惑メールの IP ブロックが、 [詳細な表の表示] に表示されない

    2 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Malware  ·  Flag idea as inappropriate…  ·  Admin →
  18. Powershell, powershell, powershell...

    ...if you need more than just the title, you haven't been paying attention to your customer base over the past 6 years.

    2 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  eDiscovery  ·  Flag idea as inappropriate…  ·  Admin →
  19. Allow E-Discovery for Exchange Online Archiving

    We are at the moment in a hybrid scenario where part of our users have their mailboxes on premise and the archives in Office 365. Recently we noticed that we do not have any option for actually exporting the Exchange Online Archive contents to a pst, outside of doing it from Outlook (we are in a Citrix environment and users are located in different countries so that would not be easy).
    It would be great if we had an option to search/export the archive contents for hosted archives.

    2 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  eDiscovery  ·  Flag idea as inappropriate…  ·  Admin →
  20. Advanced Threat Protection and Safe Links

    We had an email with a link that was pointing to web page with multiple link, none of them safe. One of the Phishing URL brought up a spurious Microsoft Office login page. The Safe Link process of ATP failed to stop this email which was delivered as safe. Safe URL scanning should check everything, going as deep as needed to check for possible threats.

    2 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Advanced Security Management  ·  Flag idea as inappropriate…  ·  Admin →
  • Don't see your idea?

Feedback and Knowledge Base