Feedback by UserVoice

Office 365 Security & Compliance

We have partnered with UserVoice, a third-party service and your use of the portal and your submission is subject to the UserVoice Terms of Service & Privacy Policy. Please do not send any novel or patentable ideas, copyrighted materials, samples or demos for which you do not want to grant a license to Microsoft.

Welcome to the Security (Protection) & Compliance UserVoice forum. We’re happy you’re here! If you have suggestions or ideas on how to improve Security or Compliance related features in O365, we’d love to hear them!

How it works
◾Check out the ideas others have suggested and vote on your favorites
◾If you have a suggestion that’s not listed yet, submit your own — 25 words or less, please
◾Include one suggestion per post

Thanks for joining our community and helping improve these features in Office 365!

Need Tech Support? Please see the O365 Community for the product or feature you are having issues with, or open a support ticket through your Office 365 administrator portal.

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Extend The Office 365 Management API to include SharePoint 'DocumentID' in the Schema

    We have a business requirement that the Audit Logs (Office 365 Event and Audit Log) should include a SharePoint Document ID within the exported log. This allows our compliance teams to query the log's based on a Document ID and review the file actions, rather than using a ItemID or other GUID.

    Content-centric applications provide such functionality, but we have found that the Office 365 Management API provides some good benefits but does not provide the ability to extract the DocumentID against a file referenced within the Audit Logs that exists in SharePoint Online.

    It would be great if this…

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Auditing  ·  Flag idea as inappropriate…  ·  Admin →
  2. Want to select a security group for the Add a condition option when creating a new alert policy

    If we could select a security group from the Add a condition option when creating a new alert policy via O365 Security & Compliance. If this option would be available, it would be more convenient when selecting multiple users.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Advanced Security Management  ·  Flag idea as inappropriate…  ·  Admin →
  3. Secure, non-tracking, private webmail service

    People need a webmail service that is completely private, secure, and non-tracking. There are smaller companies and paid services that provide this type of service. However, because they are small companies, there is a risk they will not succeed. It would be nice for a larger company to provide this security and privacy to its customers. People are too willing to give up their privacy and security for just a little convenience.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Privacy  ·  Flag idea as inappropriate…  ·  Admin →
  4. Access to Remove TLS 1.0/1.1 and 3DES

    I tried to view the report for removing TLS 1.0/1.1 and 3DES (MC171089)

    My account gets logged off when downloading the report in Service Trust Portal. The Global Admin account downloads the report, but does not know where it is downloaded to, which makes it inaccessible.

    I cannot find the report from the Azure Portal.

    You make security and administration of O365 so ******* us.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Service Trust Portal  ·  Flag idea as inappropriate…  ·  Admin →
  5. Export all url as CSV

    Dear,
    Please move this idea under right subject, if i crete wrong place.
    I'm a secuirt/ firewall, url filtering etc admin.
    I'm defining urls for office 365 license, apps and another.
    Please check this address.
    https://docs.microsoft.com/en-us/office365/enterprise/urls-and-ip-address-ranges

    It is very difficult to copy addresses one by one. We need csv import option here. Thus, it will be much easier to import.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Advanced Security Management  ·  Flag idea as inappropriate…  ·  Admin →
  6. Conditional Access user resolution wizard

    Users who access an environment secured by conditional access need a better wizard walk through to resolve issues that stop access because of conditional access policis. Particularly byod devices. A wizard that allows correction of antivirus(download defender). Patches that need installing, mfa to be enabled. Make it easier to get users working with conditional access. That includes enrolling for managment for devices with ios and Android from the wizard.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Advanced Security Management  ·  Flag idea as inappropriate…  ·  Admin →
  7. Need to let OurCompanyUser@OurCompany.com login into Buisness-Partner-O365-OMT.com

    We need to be able to let OurCompanyUser@OurCompany.com login into Buisness-Partner-O365-Tenant.com. I'm pretty sure the only work around is for the business partner to create a new mailbox for OurCompanyUser@Buisness-Partner-O365-Tenant.com.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Advanced Security Management  ·  Flag idea as inappropriate…  ·  Admin →
  8. Limit use of shortcodes in notification emails

    With increasing use of phishing emails, and increasing sophistication, Microsoft need to drop the use of svc.ms and other shortcodes, as i've got users trained to look for office.com or microsoft.com in the links.

    having all links pointing at only 2 domains would greatly help with this.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Spam & Phishing  ·  Flag idea as inappropriate…  ·  Admin →
  9. Audit Log for Emails downloaded from Threat Explorer

    SOC analysts often download email bodies from Threat Explorer to do further investigation. Currently there is no audit log for the action of downloading an email from Threat Explorer, which makes it hard to put controls around this wide reaching permission. Please include the action of downloading an email from Threat Explorer into the O365 Audit Log.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Advanced Security Management  ·  Flag idea as inappropriate…  ·  Admin →
  10. Make it work faster. It's like I'm back in the 90's waiting for attachments to load. And waiting, and waiting, and waiting.

    I don't care how you do it, just make it work faster. 2 and a half minutes is waaaaaaaaaaaaay too long to wait for an attachment to open.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Advanced Security Management  ·  Flag idea as inappropriate…  ·  Admin →
  11. Auditing enabaling with all settings

    before MS enabled audting by default i was running scripts to enable it on new users when possible. And also a cleanup that caught users with it not enabled and adding all availble settings at the time. Now that it is enabled by default - not all availble settings are applied . It would be good to have all availble settings applied . This includes if new are added. as i need to redo the scripts abnd now need to filter on mailbox creation date and then apply all settings , like:
    Get-mailbox -ResultSize unlimited | where-object { $_.WhenMailboxCreated -gt…

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Advanced Security Management  ·  Flag idea as inappropriate…  ·  Admin →
  12. The security verification string for verifying existing account was extremely difficult to read.

    Well, this is not an idea but a complaint. i was trying to reset my Microsoft Office 365 Home account because of a security breach. None of the stored phone numbers or back up email address would work for receiving verification. THE RANDOM CHARACTERS WERE VERY DIFFICULT TO READ, PARTICULARLY IF THEY WERE CASE SENSITIVE. Are they case sensitive. I understand the need for security verification but the characters were very difficult to read. The alternative voice verification was so muffled it was also impossible to understand the words.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Advanced Security Management  ·  Flag idea as inappropriate…  ·  Admin →
  13. POPUP WARNING BOX MDM Deactivation is unavailable

    Please provide a POPUP WARNING BOX that when activating MDM that there is no option to deactivate the MDM service once it's enabled

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  14. Please fix the Grant Access problem that occurs when users upgrade to a new MacBook from a previous MacBook.

    Office 365 is running into Sandbox issues on the Mac when users move to a new MacBook by connecting to their old one and moving everything. All the Office files are coming across with wrong permissions causing Grant Access errors. It seems to be that the subfolder permissions are not being moved properly. Please work on this with Apple.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Advanced Security Management  ·  Flag idea as inappropriate…  ·  Admin →
  15. Include destinationServiceName in Cloud App Security API schema

    There are a few option when trying to integrate Cloud App Security with SIEM. One is a clunky java client and the other is Office 365 Management API's. The one advantage to the java client is that it includes a field called destinationServiceName which is helpful when you get an alert about failed logins, it tells you which service the user was trying to access. I think this should be included in the Office 365 management API schema: https://docs.microsoft.com/en-us/office/office-365-management-api/office-365-management-activity-api-schema#security-and-compliance-alerts-schema for better SIEM integration and alerting.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  16. We get a auth dialog box which never passes authentication

    Intermittently, while attempting to open an office365 desktop application, we get prompted to sign in with a very odd looking dialog box - username field greyed out and supplying the corresponding password ALWAYS tells you that you failed to authenticate, so I raised an incident with Microsoft Office365 support. Please see below for details

    Thank you for the quick response, please see reply below:

    • The PC caches credentials for office 365 office applications which may corrupted.
    As part of this exercise, the all office365 related credentials were cleared prior to the manifestation of this issue (using the Credential Manager) …

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Advanced Security Management  ·  Flag idea as inappropriate…  ·  Admin →
  17. 1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Malware  ·  Flag idea as inappropriate…  ·  Admin →
  18. MCAS Portal Permissions: Allow Azure AD Groups to be added

    Currently in Microsoft Cloud App Security (MCAS) portal it is only possible to add users to have MCAS roles/permissions.

    Need ability to add Azure AD groups so that permissions can be managed via a group rather than individual adding users needing a MCAS role.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Advanced Security Management  ·  Flag idea as inappropriate…  ·  Admin →
  19. The Safe Links has started producing Error 503 Service Unavailable today.

    Safelinks in Outlook produces error 503. If it is disabled then links work again. Support says they know of no issue. But after testing, it is not on my end. Support told me to post it at this link.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Flag idea as inappropriate…  ·  Admin →
  20. Correct cloud access flaw that allows an old password to be used if previously saved

    There is a HUGE security flaw that allows for a saved password to be used for online access even if the cloud password was changed. It might relate to the process that reduces the requirement for password request. This is dangerous if a password was saved on a computer that is no longer in one's possession.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Advanced Security Management  ·  Flag idea as inappropriate…  ·  Admin →
  • Don't see your idea?

Feedback and Knowledge Base