Feedback by UserVoice

Office 365 Security & Compliance

We have partnered with UserVoice, a third-party service and your use of the portal and your submission is subject to the UserVoice Terms of Service & Privacy Policy. Please do not send any novel or patentable ideas, copyrighted materials, samples or demos for which you do not want to grant a license to Microsoft.

Welcome to the Security (Protection) & Compliance UserVoice forum. We’re happy you’re here! If you have suggestions or ideas on how to improve Security or Compliance related features in O365, we’d love to hear them!

How it works
◾Check out the ideas others have suggested and vote on your favorites
◾If you have a suggestion that’s not listed yet, submit your own — 25 words or less, please
◾Include one suggestion per post

Thanks for joining our community and helping improve these features in Office 365!

Need Tech Support? Please see the O365 Community for the product or feature you are having issues with, or open a support ticket through your Office 365 administrator portal.

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Allow to edit Notification FROM address

    currently users get a generic email from Outlook Online or something like that if they violate some DLP or other Policy can we please be allowed to brand and customize that so that ours could say something like PrivacyOffice@MyCompany.com or DLP-Violation@myCompany.com

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Message Encryption & Rights Management  ·  Flag idea as inappropriate…  ·  Admin →
  2. Outlook - restrict direct file access while allowing to print attachments in OWA!

    for security reasons we do not want to allow users to access the local hard drive at all but still be able to print attachments they receive in OWA.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  3. have ActorIpAddress be searched in addition to clientipaddress when using the search-unifiedauditlog -ipaddress filter

    have ActorIpAddress be searched in addition to clientipaddress when using the search-unifiedauditlog -ipaddress filter

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Auditing  ·  Flag idea as inappropriate…  ·  Admin →
  4. Import Whitelist and Blacklist

    We recently moved to Office 365 to my regret. The spam and malware protection is third rate at best and I've been working/fighting with MS on it for months now. It would be great if there was a way to import a csv file with the thousands of white listed addresses from my previous (competent) provider instead of this whole copying, pasting then hitting the + symbol.

    Also, it would be great if the white list actually kept mail from going into the quarantine, but honesty, that might be beyond your abilities at this point.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Spam & Phishing  ·  Flag idea as inappropriate…  ·  Admin →
  5. Remove exchange mailbox from active sync device after a user is terminated

    Administrators need to have the right to remove the employee Exchange Mailbox from the active sync device they are using without wiping it. This feature was available in Exchange 2010 and now in Exchange 365 it is gone.

    This is important for business data security.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Advanced Security Management  ·  Flag idea as inappropriate…  ·  Admin →
  6. Uploaded pst into Microsoft SAS are removed if no import job are created

    All uploads to the Microsoft SAS are removed after 30 days if no import job are created. It would have been better to remove the uploads that are 30 days older rather than removing everything from the SAS.

    It will allow us to retrieve all recent pst without re-uploading them again.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  7. Show only the users' quarantined mail, not the whole tenants + Outlook plug-in/add-on

    We have a tenant that includes multiple divisions and has over 17,000 users. Therefore, when a user goes into the quarantine to release a mail they see all of the quarantined messages, not just there's. It would be awesome if it only showed the emails relevant to the user.
    What would be better is if this functionality was added into Outlook so that users could see their quarantine.
    Advanced functionality of this seems to be in demand when looking at the other posts, so if a persons' assistant could also see their Quarantine, then that would be great. Just like…

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Spam & Phishing  ·  Flag idea as inappropriate…  ·  Admin →
  8. Como puedo validar el uso del correo (por capacidad) de los usuarios en correos de entrada y salida de forma independiente.

    Como puedo validar el uso del correo (por capacidad) de los usuarios en correos de entrada y salida de forma independiente.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Auditing  ·  Flag idea as inappropriate…  ·  Admin →
  9. Support for Exchange Online Message Tracking via API into Splunk or SIEM

    We would like to log Exchange Online Message tracking into our current SIEM (Splunk)

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Auditing  ·  Flag idea as inappropriate…  ·  Admin →
  10. Birthday party or kitty party planner in lucknow

    On your lucky day is having a birthday party and invites you over to celebrate with friends and family fun browser game, on B-Day Party / kitty party ! … Get the party started! Find everything you need for your Party by Rihansheve N Planner. For more details related to party organiser visit:- https://www.rihansheve.com/birthday-planner/

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Message Encryption & Rights Management  ·  Flag idea as inappropriate…  ·  Admin →
  11. Correct/Fix the SPF interpretation in Message Headers

    In a recent email attempting Phish one of our staff and pretending to come from the CEO I discovered an issue with our SPAM filtering.

    Someone had put our domain in the allowed domain list.
    The from address was our domain.
    The reply address was a different domain.
    The Source IP was not in the SPF record.

    But becuase the domain was in the allowed list, the header indicates an SPF pass. The header also contains the Forefront SKA analysis indicating where the problem reall is.

    In my opinion, the SPF pass is a fail on the message processing. Regardles…

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Spam & Phishing  ·  Flag idea as inappropriate…  ·  Admin →
  12. Delist is not working?

    please make it work

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Spam & Phishing  ·  Flag idea as inappropriate…  ·  Admin →
  13. eDiscovery Main portal page search box should allow to search for a custodian

    On the main portal page of the eDiscovery section there is a search box. This appears to only search the case names. I should be able to locate all the cases that contain "Joe Smith" as a custodian. The only way that you are able to search for cases for now is to chase the inplaceholds attribute in PS and then convert those guids to actual case names:

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  eDiscovery  ·  Flag idea as inappropriate…  ·  Admin →
  14. Add hyperlink locking opening

    add a rule to open hyperlink, the user would only be able to open copying the link as a way to contain the malicious links.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  15. Retention reports that actually give relevant information

    While we can run content searched to find that items are being archived, etc. we need reports that show us that retention is in place and working. This needs to be something presentable that shows all accounts in each location (hopefully with a current item count or something). Client's ask all the time if retention is setup and working and while I can tell them it is and show them it is setup there is nothing to easily SHOW them is is actively working.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Reports  ·  Flag idea as inappropriate…  ·  Admin →
  16. Offer "Save to OneDrive" when Exporting Content Search PST

    When you finish a Content Search across mailboxes in your tenant, and click "Download results", this by default saves the PST to a local file on your PC where the export is running. It would be very beneficial is there was an option to "save results to onedrive" and let administrators choose a location on OneDrive to save the PST file to.

    My process currently is the following (and we are an online only tenant):
    1. Run content search for a variety or reasons across all mailboxes (5000+)
    2. Search finishes, and click "download results"
    3. Enter the key and…

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  eDiscovery  ·  Flag idea as inappropriate…  ·  Admin →
  17. get rid of safe link! I am going to have to get another email account because I can't get redirected from emails!!!!!!!!!!!!!!!!!!!!!!!!!!!!

    get rid of safe link because my personal account, I cannot click on emails and get redirected or open anything! I cannot find anywhere to contact anyone and I have a personal account only.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Advanced Security Management  ·  Flag idea as inappropriate…  ·  Admin →
  18. 1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  eDiscovery  ·  Flag idea as inappropriate…  ·  Admin →
  19. allow admins to track two factor usage

    Idea 1: User received an unexpected two factor text message. Couldn't find this action in the Office 365 log. Would be good if this was listed/reported somewhere obvious.

    Idea 2: Make it easier for users to force the log out of all their sessions as part of their password reset process (the admin action is OK, but would prefer to allow users this option).

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Auditing  ·  Flag idea as inappropriate…  ·  Admin →
  20. Office 365 spoofing protection and direct send(NO TLS) cross road is on security leak

    On office 365 service, it allows you to use devices that dont have TLS support by "direct send" settings. At this point current security level changes and there is no warning or no current settings display as warning. This is important because if you set a direct send just once, your security level drop down to "no protection" and you have to activate some additional barrages( of course if you aware of this). Even you delete the settings you done for "direct send" your security settings are not set back to SECURE leveland you are unprotected to spoofing without any…

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Spam & Phishing  ·  Flag idea as inappropriate…  ·  Admin →
  • Don't see your idea?

Feedback and Knowledge Base