Feedback by UserVoice

Office 365 Security & Compliance

We have partnered with UserVoice, a third-party service and your use of the portal and your submission is subject to the UserVoice Terms of Service & Privacy Policy. Please do not send any novel or patentable ideas, copyrighted materials, samples or demos for which you do not want to grant a license to Microsoft.

Welcome to the Security (Protection) & Compliance UserVoice forum. We’re happy you’re here! If you have suggestions or ideas on how to improve Security or Compliance related features in O365, we’d love to hear them!

How it works
◾Check out the ideas others have suggested and vote on your favorites
◾If you have a suggestion that’s not listed yet, submit your own — 25 words or less, please
◾Include one suggestion per post

Thanks for joining our community and helping improve these features in Office 365!

Need Tech Support? Please see the O365 Community for the product or feature you are having issues with, or open a support ticket through your Office 365 administrator portal.

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. The Safe Links has started producing Error 503 Service Unavailable today.

    Safelinks in Outlook produces error 503. If it is disabled then links work again. Support says they know of no issue. But after testing, it is not on my end. Support told me to post it at this link.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Flag idea as inappropriate…  ·  Admin →
  2. Correct cloud access flaw that allows an old password to be used if previously saved

    There is a HUGE security flaw that allows for a saved password to be used for online access even if the cloud password was changed. It might relate to the process that reduces the requirement for password request. This is dangerous if a password was saved on a computer that is no longer in one's possession.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Advanced Security Management  ·  Flag idea as inappropriate…  ·  Admin →
  3. How do you override a blocked link I sent to myself?

    There is nothing wrong with this Smartsheets link I was just using on another laptop 3 seconds ago, I cant work now.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Advanced Security Management  ·  Flag idea as inappropriate…  ·  Admin →
  4. is there a way to exclude internal senders sending mails with attachment from being affected enforcement of OME enabled in tenant.

    is there a way to exclude internal senders sending mails with attachment from being affected enforcement of OME enabled in tenant.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  5. How about verbal assistance

    I once again request the help that comes from tech guru gums flapping. Questions answered in an personal way. The articles are informative to an extent, but yrs. is not an option for anymore unwanted edu. Lets talk... 8323408771 8325694539
    - Kristen Cole
    17210 Heritage bay 77598

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Compliance Manager  ·  Flag idea as inappropriate…  ·  Admin →
  6. O365 Audit Logs

    O365 audit logs (prior to October 2018) displayed successful logins from external IP addresses. i.e. staff who login from external PC via Web, iphone, outlook on home PC etc.

    It is now (for the last 12 months) shown only the occasional successful login from external IP (when I absolutely know there are many hundreds external logins). We have used this in the past to identify when accounts have been compromised. We do use MFA - but also check these logs daily as additional defense.

    I have had a job logged with Microsoft since October 2018 to resolve this issue and…

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Auditing  ·  Flag idea as inappropriate…  ·  Admin →
  7. Shut this thing down!

    Shut this thing down!

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Malware  ·  Flag idea as inappropriate…  ·  Admin →
  8. Disable/Gray out the de-duplication checkbox for bulk/combined eDiscovery exports

    In the eDiscovery portal of the Security & Compliance Center, we create several Searches in a single case, when we select all search tasks to bulk export to one PST file, we will notice a checkbox to let us enable or disable de-duplication. However, for bulk export, de-duplication is enabled by default per product design, the checkbox does not make any difference. Can we gray out/disable the checkbox for bulk export to avoid confusion?

    Design:
    • When you export the results of multiple searches, the search queries from all the searches are combined by using OR operators, and then the…

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  eDiscovery  ·  Flag idea as inappropriate…  ·  Admin →
  9. Can't read the CAPTUA sysbols. Way too hard.

    Cat down the number of symbols or/make them easier to read.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  10. Allow Global Reader to view Permissions

    Global Reader is supposed to allow read-only access to everything in Office 365 Security & Compliance, but it does not.

    Global Readers cannot view Permissions at all. This will require a new role to be implemented, "View-Only Role Management" and then that new role will need to be added to the O365 S&C "Global Reader" role group.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Advanced Security Management  ·  Flag idea as inappropriate…  ·  Admin →
  11. I logged in to the 365 Security and Compliance Center and have lost all permissions for content searching and eDiscovery.

    I logged in to the 365 Security and Compliance Center and have lost all permissions for content searching and eDiscovery 6-22-2017. All I can see if audit log search. What is Microsoft doing? This is really critical. We need to do FOIA and legal searches as well as phishing email searches. Can someone from Microsoft please help?

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  eDiscovery  ·  Flag idea as inappropriate…  ·  Admin →
  12. Executable file restrictions are not customized in EOP when compared to other third party applications like Symantec, Dell, Iron-pot

    It is required to have better customization of blocking Executable file with end user notification like sender and recipient. These possibilities are available in Third party application like Symantec, Dell and Iron-pot when compared to EOP. Even I have discussed with Microsoft Tech team about this and they confirmed that the customization is not possible in office365 EOP.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Spam & Phishing  ·  Flag idea as inappropriate…  ·  Admin →
  13. 1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Spam & Phishing  ·  Flag idea as inappropriate…  ·  Admin →
  14. MSN and Bing Outlook not Working

    When I check my outlook mail it works when I check it with Bing or Msn they are unread

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    3 comments  ·  Message Trace  ·  Flag idea as inappropriate…  ·  Admin →
  15. Apply recipient access to emails that are auto encrypted by AIP

    AIP labels configured to auto encrypt emails should add the email recipient to the permissions so they can access the encrypted email. Currently recipients can't access encrypted emails when AIP applies encryption.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  16. Microsoft Office Key Scam 800-596-1743

    there is a phone Scam claiming that your Microsoft Office license keys have expired. Phone Number this come in on is 800-596-1743. call center in India insists that your office package will expire, and they are hired by Microsoft to help make sure your system and office does not quit immediately. they also stated that MS doesn't do auto- renewal, which is blatantly false.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Spam & Phishing  ·  Flag idea as inappropriate…  ·  Admin →
  17. Adv Audit's default policy to cover audit records from all workloads and retain it for 1 year without requiring any custom policy.

    Advanced Audit capabilities's default retains only Exchange, SharePoint, and Azure Active Directory audit records for one year. Custom policy is required to retain audit records from all other workloads. We need the default policy to cover audit records from all workloads and retain it for 1 year without requiring any custom policy.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  18. (Frightful!) Need to stop automatic re-login to Office 365 from Edge browser

    When using the Edge browser from within Windows 10, and depending upon Windows/Office 365 Web settings, the previous user of Office 365 may be automatically signed back into Office 365, when they had actually signed out before ending their browser session. Unfortunately, too many of these settings happen automatically, which can be an administrative nightmare, as well as being a security vulnerability.

    Also need to make the checkbox regarding organization management of settings UNCHECKED by default , and the link for "this app only" should come up "clicked" BY DEFAULT (in other words, the link should instead say something like…

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Advanced Security Management  ·  Flag idea as inappropriate…  ·  Admin →
  19. Deploy a high availability architecture in order to ensure the service for Outlook

    Recently an issue with one of your Exchange server impact users of many tenants with mail service interruption during several hours.
    With a high availability architecture you would have a secondary server to ensure the SLA for the Outlook users.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Advanced Security Management  ·  Flag idea as inappropriate…  ·  Admin →
  20. OneDrive Security Validation Adjustment / Allow Long File Uploads

    Currently, it is not supported for OneDrive customers to upload (via O365 Web Portal) for more than 30 minutes at a time. This makes large file transfers to OneDrive impossible. A security validation error occurs at 30 minutes and that validation setting (making it larger than 30) cannot be changed for O365 online. This setting can be changed with an on premise installation.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Advanced Security Management  ·  Flag idea as inappropriate…  ·  Admin →
  • Don't see your idea?

Feedback and Knowledge Base