Feedback by UserVoice

Office 365 Security & Compliance

We have partnered with UserVoice, a third-party service and your use of the portal and your submission is subject to the UserVoice Terms of Service & Privacy Policy. Please do not send any novel or patentable ideas, copyrighted materials, samples or demos for which you do not want to grant a license to Microsoft.

Welcome to the Security (Protection) & Compliance UserVoice forum. We’re happy you’re here! If you have suggestions or ideas on how to improve Security or Compliance related features in O365, we’d love to hear them!

How it works
◾Check out the ideas others have suggested and vote on your favorites
◾If you have a suggestion that’s not listed yet, submit your own — 25 words or less, please
◾Include one suggestion per post

Thanks for joining our community and helping improve these features in Office 365!

Need Tech Support? Please see the O365 Community for the product or feature you are having issues with, or open a support ticket through your Office 365 administrator portal.

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Microsoft Ticket 7765577 Email address: sales@garrtool.com An outside person used an unprotected page of our Web Site to generate 100,000

    Microsoft Ticket 7765577 Email address: sales@garrtool.com

    An outside person used an unprotected page of our Web Site to generate 100,000 emails. On Sunday April 1, 2018 10,000 emails were send and then Microsoft blocked the account and then Monday April 2, 2018 before we opened for business Microsoft open the account again and 10,000 more were sent out and Microsoft blocked our account again. When we started work we found a lot of rejected emails and that we could not send emails. We shut down the Web Site until the bad page was turned off and later fixed with a…

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  2. Status Update Sync Interval

    When performing an action, such as soft delete, on email(s) via the "Hunting" tool, the status remains "In progress", long after the emails are successfully deleted. When going back to review the logged incident, the status does indeed update to "Completed", however this does not occur for hours after the initial action was taken. I would like to see this sync time decrease to update the status quicker.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Advanced Security Management  ·  Flag idea as inappropriate…  ·  Admin →
  3. メール送信者自身の監査

    メール送信者自身の監査ログが見る事が出来ないようなので、メッセージ追跡(最大保存90日間)やコンテンツ検索ではなく、監査ログの内容が見れるようにしていただきたいです。

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Advanced Security Management  ·  Flag idea as inappropriate…  ·  Admin →
  4. do not block safe sites

    My idea is that you should not block a perfectly good site. I was receiving information regarding an ornithological research project and you blocked it.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Advanced Security Management  ·  Flag idea as inappropriate…  ·  Admin →
  5. 1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Reports  ·  Flag idea as inappropriate…  ·  Admin →
  6. Physician, heal thyself.

    Anti-spoofing measures are a bit of a joke when Microsoft just spoofed my email address to spam my kids about Family Notebook.
    Speaking as a consumer, I can assure you this was a very poorly conceived piece of marketing.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Spam & Phishing  ·  Flag idea as inappropriate…  ·  Admin →
  7. 1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  8. Emails in the junk folder still ask if we want to send a read receipt. Seems like a security concern

    If I have labeled a sender as junk, it seems risky for my to have to click on something thy have sent. If I have classified them as junk, I would rather not be asked to send a read receipt

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Spam & Phishing  ·  Flag idea as inappropriate…  ·  Admin →
  9. Allow verification that auditing is turned on via the Security & Compliance Center

    A simple page where O365 admin users can view and verify whether or not auditing is turned on

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Auditing  ·  Flag idea as inappropriate…  ·  Admin →
  10. antispam

    Anti-Spam Outbound settings exemption doesn't have the option to select "Recipient domain is ". is it possible to add that option .

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  11. Allow for different NDR when using on premise Exchange with EOP

    The current NDR message sent from Office 365 states the mailbox you're trying to reach is hosted by Office 365, even if your only using EOP with on premise Exchange. Our mailboxes aren't hosted by Office 365 and the NDR saying they are creates a problem for us because we have NDA's that prohibit mail from being hosted in the cloud. We're only using EOP as a protection service, not Office 365 mail hosting. A feature that allows for either a custom NDR or one that uses the information from your on premise Exchange server would be a great feature…

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  12. Exporting search results should be background process

    only option to export the search result from ediscovery through browser which occupy large amount of memory during export process. we want the request through power shell and it should be background process

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Advanced Security Management  ·  Flag idea as inappropriate…  ·  Admin →
  13. Provide an app for mobile follow-up of ATP alerts

    It would be good to have an app which can display the overview of all alerts. (Like it's being gathered in the security.microsoft.com)
    This makes it easier to know when you have to take action and open the portals when your on duty during evenings/weekends, or when you're on the road.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Advanced Security Management  ·  Flag idea as inappropriate…  ·  Admin →
  14. Add Biometric support to encrypt/decrypt Excel files

    Currently passwords are the only way to encrypt and then decrypt Excel files. Adding Biometric as another option would significantly improve the user experience.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Advanced Security Management  ·  Flag idea as inappropriate…  ·  Admin →
  15. Suggest creating an incident report when setting test X-headers

    When tuning malware and spam filters, there is an option to add an X-header when a message meets a filter, rather than taking action. There is already a tool popup; add a link to an article about creating an advanced incident report, searching on message headers. Note in the tip that this is how one would test this filter.
    Currently, it is not obvious that this is the way to audit this. Was disappointed this was not a feature in mail trace.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Reports  ·  Flag idea as inappropriate…  ·  Admin →
  16. O365-ProPlus - New GPO with an option like « Allow HTML rendering but disable JavaScript »

    Following case #20768628 on O365-ProPlus

    We'd like to ensure that JavaScript in body of e-mails will never be interpreted in Outlook.

    According to our phone call, we (unfortunately) understand that Microsoft cannot guarantee that there is no specifications mandating that Outlook must never interpret JavaScript in mails body.

    It seems to us that Microsoft should change the GPO with an option like « Allow HTML rendering but disable JavaScript ».

    Regardless the evolution of MS-Office suite(s), this option should always guarantee that JavaScript is neutralized in e-mail HTML rendering.

    Best regards

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Advanced Security Management  ·  Flag idea as inappropriate…  ·  Admin →
  17. O365 Account Locked for sending out over 30 messages per minute, could this be handled exceptionally by email account?

    I understand that O365 should have rule to prevent bulk mail as a spam, but if that email is a workflow mail account and it need to send out with numbers of transaction. I have problem with workflow mail account that use O365. It is possible that the workflow run multiple flow at a time. But if O365 lock the behavior , over 30 mails per minute, the workflow system will not work for the whole day. I think Microsoft should have flexibility to review this policy by account. Now I still stuck and cannot increase workflow to transform paper…

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Spam & Phishing  ·  Flag idea as inappropriate…  ·  Admin →
  18. A virus has still managed to enter our Exchange Hybrid Server via EOP.

    Virus/Malware: TSPY_FAREIT.SMBD
    Endpoint: ExchangeServer1
    Domain: Servers\
    File: C:\Program Files\Microsoft\Exchange Server\V15\TransportRoles\data\Temp\UnifiedContent\992110b6-f5f6-44d2-ad0b-da61c456cec0 (PaymentcopyInvoice000867423.exe)
    Date/Time: 18/09/2017 09:46:52
    Result: Virus successfully detected, cannot perform the Quarantine action (Please see scan result of infected file: 992110b6-f5f6-44d2-ad0b-da61c456cec0)

    Could we include these virus types into EOP detection list

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Malware  ·  Flag idea as inappropriate…  ·  Admin →
  19. How to deliver notifications of delivered spam emails to administrators

    However, the administrator must check each time that the message is quarantined if you select Quarantine Message in Spam Filter's Spam and Bulk Actions.

    Recipient users can be notified by enabling the Configure end-user spam notifications ... setting, but it is inconvenient if you do not want to be notified.

    しかし、管理者は、スパムフィルターの[スパムおよびバルクのアクション] にて、[メッセージを隔離する]を選択した場合に、検疫されたかを都度確認しなくてはいけません。
    受信者のユーザーに対しては、[エンドユーザーのスパム通知を構成する...] 設定を有効にすることで、通知ができますが、通知をしたくない場合は不便です。

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Spam & Phishing  ·  Flag idea as inappropriate…  ·  Admin →
  20. alert policy filtering

    While creating an alert policy we can only exclude alerts by sender domain, add the option to filter by specific sender I.E instead of whitelisting alerts for @citibank.com allow us to filter by alerts@citibank.com. You should not filter your security alerts for something as broad as an entire domain.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Spam & Phishing  ·  Flag idea as inappropriate…  ·  Admin →
  • Don't see your idea?

Feedback and Knowledge Base