Feedback by UserVoice

Office 365 Security & Compliance

We have partnered with UserVoice, a third-party service and your use of the portal and your submission is subject to the UserVoice Terms of Service & Privacy Policy. Please do not send any novel or patentable ideas, copyrighted materials, samples or demos for which you do not want to grant a license to Microsoft.

Welcome to the Security (Protection) & Compliance UserVoice forum. We’re happy you’re here! If you have suggestions or ideas on how to improve Security or Compliance related features in O365, we’d love to hear them!

How it works
◾Check out the ideas others have suggested and vote on your favorites
◾If you have a suggestion that’s not listed yet, submit your own — 25 words or less, please
◾Include one suggestion per post

Thanks for joining our community and helping improve these features in Office 365!

Need Tech Support? Please see the O365 Community for the product or feature you are having issues with, or open a support ticket through your Office 365 administrator portal.

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Allow verification that auditing is turned on via the Security & Compliance Center

    A simple page where O365 admin users can view and verify whether or not auditing is turned on

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Auditing  ·  Flag idea as inappropriate…  ·  Admin →
  2. restrict connection to office365 or Exchange on-line specifically, from computers connecting through one internet IP address.

    This might be possible already, but the tech who assisted me with case number 10611929 did not mention how to do this, but all company computers are behind a single internet gateway with a single public IP address. We wish to limit email pickup to computers behind that address and allow no others, although there mat be a couple of exceptions (not sure how that would be done, but anyway...)

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  DLP & Transport Rules  ·  Flag idea as inappropriate…  ·  Admin →
  3. Add Mailbox View for Encrypted Email

    Add a mailbox view for recipients of messages encrypted by OME. Right now, recipients have to click on the link in each individual email. We would like for recipients to be able to click on that same link and be presented with an OWA-like view that shows all encrypted messages received for a given time period. We deal with many companies that receive several encrypted emails from us each day and having a mailbox view of those messages would be ideal.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Message Encryption & Rights Management  ·  Flag idea as inappropriate…  ·  Admin →
  4. mac export

    Please support e-discovery export via MacOS. Also, provide a more modern PC-based export. In detail:
    1. There is no MacOS export client to accept the encryption key and download files. In large security/legal organizations I am familiar with, the security/legal teams use MacOS in larger proportions and therefore ought to have access to tools to export data from e-Discoveries.
    2. The PC based utility runs some goofy click to run application. Running that process and not using the exact same previous utility throws errors. The design is silly and really should use a standalone installation utility OR be lest reliant…

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  eDiscovery  ·  Flag idea as inappropriate…  ·  Admin →
  5. 1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Spam & Phishing  ·  Flag idea as inappropriate…  ·  Admin →
  6. Encryption for Exchange Online (plan1)

    Outlook.com currently offers seamless out-of-box-experience for encryption.

    https://support.office.com/en-us/article/learn-about-encrypted-messages-in-outlook-com-3521aa01-77e3-4cfd-8a13-299eb60b1957

    however, Exchange Online (plan1) supports only S/MIME which needs extensive configuration.

    https://blogs.technet.microsoft.com/exchange/2014/12/15/how-to-configure-smime-in-office-365/

    can we have a similar OOBE in Exchange Online (plan1)?

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Message Encryption & Rights Management  ·  Flag idea as inappropriate…  ·  Admin →
  7. Filtering Email

    I receive a lot of bulk email digests. I signed up for them on purpose because of my job. Most of them are getting caught in the bulk mail filter, which would be fine, except when I release them into my inbox, Outlook is ignoring the rules I have set up to sort these emails into folders. I want to look at them at a specific time and not have them clog my inbox when I release them. It's adding unnecessary time to my workday.

    I would like it if these could be marked after being released so that either,…

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Spam & Phishing  ·  Flag idea as inappropriate…  ·  Admin →
  8. The attack simulator mfa

    MFA is required to use Attack Simulator. This requirement should be satisfied if the user signed in from a Trusted IP. Otherwise there should be a way to force MFA when signing in to protection.office.com.

    Otherwise if you are using a Trusted IP you can't use Attack Simulator

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  9. Created DLP Policy (block the credit card or Hong Kong Identity Card) Cannot be Triggered

    Created DLP Policy (block the email content with the credit card no. or Hong Kong Identity Card no.) Cannot be Triggered

    I created a DLP Policy in 'enforce' mode which blocking the email to send out to external organization if the credit card no. or Hong Kong Identity card no. in the email, but the DLP policy did not trigger and email still can be send out.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  DLP & Transport Rules  ·  Flag idea as inappropriate…  ·  Admin →
  10. Allow for different NDR when using on premise Exchange with EOP

    The current NDR message sent from Office 365 states the mailbox you're trying to reach is hosted by Office 365, even if your only using EOP with on premise Exchange. Our mailboxes aren't hosted by Office 365 and the NDR saying they are creates a problem for us because we have NDA's that prohibit mail from being hosted in the cloud. We're only using EOP as a protection service, not Office 365 mail hosting. A feature that allows for either a custom NDR or one that uses the information from your on premise Exchange server would be a great feature…

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  11. Exporting search results should be background process

    only option to export the search result from ediscovery through browser which occupy large amount of memory during export process. we want the request through power shell and it should be background process

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Advanced Security Management  ·  Flag idea as inappropriate…  ·  Admin →
  12. Add Biometric support to encrypt/decrypt Excel files

    Currently passwords are the only way to encrypt and then decrypt Excel files. Adding Biometric as another option would significantly improve the user experience.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Advanced Security Management  ·  Flag idea as inappropriate…  ·  Admin →
  13. Suggest creating an incident report when setting test X-headers

    When tuning malware and spam filters, there is an option to add an X-header when a message meets a filter, rather than taking action. There is already a tool popup; add a link to an article about creating an advanced incident report, searching on message headers. Note in the tip that this is how one would test this filter.
    Currently, it is not obvious that this is the way to audit this. Was disappointed this was not a feature in mail trace.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Reports  ·  Flag idea as inappropriate…  ·  Admin →
  14. outbound SPAM policy

    we need to add a action that if detect outbound spam emails, we can create a action that put the spam emails to quarantine, at now only cc this email to administrator, no block or quarantine policies.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Spam & Phishing  ·  Flag idea as inappropriate…  ·  Admin →
  15. Ability to map system name to open one drive for critical projects. So only form defined systems one drive can be opened so data will safe.

    Ability to map system name to open one drive for critical projects. So only form defined systems one drive can be opened so data will be safe.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  DLP & Transport Rules  ·  Flag idea as inappropriate…  ·  Admin →
  16. A virus has still managed to enter our Exchange Hybrid Server via EOP.

    Virus/Malware: TSPY_FAREIT.SMBD
    Endpoint: ExchangeServer1
    Domain: Servers\
    File: C:\Program Files\Microsoft\Exchange Server\V15\TransportRoles\data\Temp\UnifiedContent\992110b6-f5f6-44d2-ad0b-da61c456cec0 (PaymentcopyInvoice000867423.exe)
    Date/Time: 18/09/2017 09:46:52
    Result: Virus successfully detected, cannot perform the Quarantine action (Please see scan result of infected file: 992110b6-f5f6-44d2-ad0b-da61c456cec0)

    Could we include these virus types into EOP detection list

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Malware  ·  Flag idea as inappropriate…  ·  Admin →
  17. How to deliver notifications of delivered spam emails to administrators

    However, the administrator must check each time that the message is quarantined if you select Quarantine Message in Spam Filter's Spam and Bulk Actions.

    Recipient users can be notified by enabling the Configure end-user spam notifications ... setting, but it is inconvenient if you do not want to be notified.

    しかし、管理者は、スパムフィルターの[スパムおよびバルクのアクション] にて、[メッセージを隔離する]を選択した場合に、検疫されたかを都度確認しなくてはいけません。
    受信者のユーザーに対しては、[エンドユーザーのスパム通知を構成する...] 設定を有効にすることで、通知ができますが、通知をしたくない場合は不便です。

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Spam & Phishing  ·  Flag idea as inappropriate…  ·  Admin →
  18. 1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Advanced Security Management  ·  Flag idea as inappropriate…  ·  Admin →
  19. DLP Detailed Reporting

    The current reports of DLP for email module, does not show action taken by sender's manager or whether the email has been successfully (success or failure) sent outside the organization. Without this information, it is difficult to get hold of the offender who is himself/herself a supervisor and have instructed his/her reportees to send the email containing sensitive data. Have already tried message trace option, it did not give desired results since the filters are limited and gives truncated data when doing a historical search.
    We need these two parameters in the DLP report to do a monthly violation analysis.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  DLP & Transport Rules  ·  Flag idea as inappropriate…  ·  Admin →
  20. Allow the ability to move files within OneDrive when conditional access app restrictions are applied.

    When application restrictions are applied to SharePoint/One Drive and conditional access is used to apply this to un-trusted devices the users are unable to download/sync/print to avoid data leakage which is the expected behavior however users are unable to move files/folders within one drive itself which appears a serious limitation as the data is not being removed simply relocated within itself.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  • Don't see your idea?

Feedback and Knowledge Base