Feedback by UserVoice

Office 365 Security & Compliance

We have partnered with UserVoice, a third-party service and your use of the portal and your submission is subject to the UserVoice Terms of Service & Privacy Policy. Please do not send any novel or patentable ideas, copyrighted materials, samples or demos for which you do not want to grant a license to Microsoft.

Welcome to the Security (Protection) & Compliance UserVoice forum. We’re happy you’re here! If you have suggestions or ideas on how to improve Security or Compliance related features in O365, we’d love to hear them!

How it works
◾Check out the ideas others have suggested and vote on your favorites
◾If you have a suggestion that’s not listed yet, submit your own — 25 words or less, please
◾Include one suggestion per post

Thanks for joining our community and helping improve these features in Office 365!

Need Tech Support? Please see the O365 Community for the product or feature you are having issues with, or open a support ticket through your Office 365 administrator portal.

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Make date formats correspond to users localisation settings.

    By default, Office 365 Security & Compliance dashboard shows dates in M/DD/YY format. Date format should either be selectable, or correspond with the users local settings such as DD/MM/YYYY For English (United Kingdom).

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Advanced Security Management  ·  Flag idea as inappropriate…  ·  Admin →
  2. SCC Admin Quarantine email releases to all recipients when "release to other people" field is left blank

    When releasing emails from the Quarantine, if the "to other recipients" option is chosen and left blank (which the tool allows) email is released to all recipients. There is no notification nor documentation about this. If I am choosing "other people" there is a clear intention not to release to original recipients.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Spam & Phishing  ·  Flag idea as inappropriate…  ·  Admin →
  3. ip address log

    my up address history

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Advanced Security Management  ·  Flag idea as inappropriate…  ·  Admin →
  4. Are there flags sent with diagnostic data to distinguish it from unsanctioned outgoing data sourced ffrom malware?

    The inclusion of an un unreplicable token having a checksum or other content validating feature with program feedback data would assist a system monitor scanning outgoing data looking for unsanctioned messages by reducing overhead and simplifying recognition logic to make it static to reduce maintenance overhead..

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Advanced Security Management  ·  Flag idea as inappropriate…  ·  Admin →
  5. Allow us to rewrite the Subject like your competitors have been doing for years

    when we encrypt a message we use a [secure] tag in the subject we want to remove that tag after the message gets encrypted, but you do not allow it

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  DLP & Transport Rules  ·  Flag idea as inappropriate…  ·  Admin →
  6. Report on why Secore Score changes

    An explanation regarding why a Secure Score action has changed with no admin intervention, would be good.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  7. 3DES usage

    Spreadsheet of TLS 3DES usage needs a column for Cipher used. Showing us which protocol was used is ok, but knowing that Bob connected with TLS 1.0/1.1 doesn't tell us if the Cipher used was 3DES or not.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Compliance Manager  ·  Flag idea as inappropriate…  ·  Admin →
  8. Content Search report should what has triggered

    In Security and Compliance, Content Search, you can view a report or download a report. It should be nice if you could see what keyword of the query caused this document of mail to show up in the results. For example, I have one query that queries on BSN(social security number in the NL) and CV(resumé). When I look at a hit in the report, I don't know what keyword, BSN or CV, triggered this.
    I assume the answer is in this case to create two separate reports but I can imagine that you don't want to build that many…

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  eDiscovery  ·  Flag idea as inappropriate…  ·  Admin →
  9. Opt out and update preferences should completely remove email address from all future mailings

    Currently when a user opts out or unsubscribes or updates contact preferences they may still receive emails from Microsoft - can this be fixed so all emails are stopped completely ?

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Advanced Security Management  ·  Flag idea as inappropriate…  ·  Admin →
  10. Make the data on TLS-Deprecation-Report.csv to be accurate

    I would like the TLS deprecation report to show accurate data when downloading it from Service Trust Portal, because it contains a lot of data for non-impacted devices.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Reports  ·  Flag idea as inappropriate…  ·  Admin →
  11. Allow search for all activity by IP

    I would like to search the entire activity log by a specific IP address.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Auditing  ·  Flag idea as inappropriate…  ·  Admin →
  12. Notifications for Submission results in Security and Compliance Center

    Currently once a report has been submitted through the "Submissions" section of the "Threat Management" category inside the Security and Compliance Center, the only method of finding out when a submission rescan has completed is by going into the portal and checking for its status manually. Sometimes scans can take more than a day to complete, it would prove useful to have some kind of notifications for scan completion.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Malware  ·  Flag idea as inappropriate…  ·  Admin →
  13. 1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Auditing  ·  Flag idea as inappropriate…  ·  Admin →
  14. Allow us to preview .PDF files on a mobile device in ATP

    We should be able to 'Preview' .PDF files from our phone if we have if ATP Safe Attachments with Dynamic Delivery in place. If works on the desktop.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Advanced Security Management  ·  Flag idea as inappropriate…  ·  Admin →
  15. Show all changes that have occurred to a single mailbox or group

    The Audit query would be more useful if a person could search on all access activity on a mailbox, and/or all changes to a group.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  16. Quarantine should have a button to report phishing emails.

    I get hundreds per day and it's impractical to release them all and report them.

    Working in the Quarantine is a MESS! The GUI is something I'd expect back in the 2000's.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Advanced Security Management  ·  Flag idea as inappropriate…  ·  Admin →
  17. Language Office Message Encryption

    I believe this is a MUST for multi-national companies. When OME sends out it's generic wrapper email to the recipient, it needs to be read by the recipient in the language they are fluent in. I know it is hard to know what language the recipient speaks, so maybe the best approach is to pick the top 25 languages used in business and translate it to those 25, and place links to each translation in the top of that generic email to the user, so they can click on the correct translation and read in their preferred language.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  18. Unencrypt Replies Automatically Based on Recipient Being Internal Not Sender

    the old OME 1 allows us to enencrypt replies automatically based on the recipient being Inside the Organization, the new version of OME only does it if the Sender is in the Organization, please allow us to unencrypt the replies coming back in to our company based on the recipient being inside the organization, it's a pretty common need

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
  19. Portal for external users to send secure message to users on Office365 without having to force encryption for all incoming domains

    We just migrated to Office365 and noticed that we don't have the ability for customers to send us secure messages without forcing encryption on all incoming messages.

    We had a portal for customers to use and create an account, then they would be able to send us a secure message within the portal. We would like to have similar feature for Office365 but it is not available now.

    The work around for this is for the customers to call into our Customer Service Center, we then send them an encrypted email. They would need to get a onetime passcode in…

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Message Encryption & Rights Management  ·  Flag idea as inappropriate…  ·  Admin →
  20. Policy Tips for Office for Mac 2016 do not display

    Policy Tips for Office for Mac 2016 do not display. The user only receives the email message if it is denied based on a DLP rule. It seems unjust that there is a discrepancy in features that function across the different OS's when the price is the same. Would like to see this working and it is NOT an advanced feature.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  DLP & Transport Rules  ·  Flag idea as inappropriate…  ·  Admin →
  • Don't see your idea?

Feedback and Knowledge Base