Feedback by UserVoice

Office 365 Security & Compliance

We have partnered with UserVoice, a third-party service and your use of the portal and your submission is subject to the UserVoice Terms of Service & Privacy Policy. Please do not send any novel or patentable ideas, copyrighted materials, samples or demos for which you do not want to grant a license to Microsoft.

Welcome to the Security (Protection) & Compliance UserVoice forum. We’re happy you’re here! If you have suggestions or ideas on how to improve Security or Compliance related features in O365, we’d love to hear them!

How it works
◾Check out the ideas others have suggested and vote on your favorites
◾If you have a suggestion that’s not listed yet, submit your own — 25 words or less, please
◾Include one suggestion per post

Thanks for joining our community and helping improve these features in Office 365!

Need Tech Support? Please see the O365 Community for the product or feature you are having issues with, or open a support ticket through your Office 365 administrator portal.

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. The deletion does not work despite repeated attempts to report to the IP Delist Portal. IP [145.239.86.74]

    The deletion does not work despite repeated attempts to report to the IP Delist Portal. IP [145.239.86.74]

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  2. "J" junk and blocking shortcut in Outlook online mail

    Dear Microsoft,
    I would ask that you get rid of the shortcuts that only require 1 key to implement. There is a "J" feature that I have inadvertently used twice to junk and block emails from my boss. An accidental hit of the keyboard and poof, they're gone. Please take this into consideration and either add a "ctrl" or some other feature so as not to accidentally block emails with just the hit of the "J" button.
    Thank you.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  3. Improve International Spam Filtering

    In our troubleshooting with MS to reduce flood of approx.11,500 spam / unsolicited email messages for a particular user, we've implemented International Spam filtering (regional filter). This setting checks to see if the IP address sending the emails are from a specified region.

    We recommend this setting also include blocking the top level domains (TLDs), or at least that verbiage that this is a geolocation type of technology (IP address, etc.) be added (i.e., tool tips, support documentation, etc.).

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Spam & Phishing  ·  Flag idea as inappropriate…  ·  Admin →
  4. O365 Retention Tags - Do not act as per documented on Technet

    Microsoft documentation clearly states a E3 or E5 license is required to enforce retention policies from Office 365 compliance center. I have proven this to not be true and opened a ticket with Microsoft, their response was:

    "While an archive\Retention can technically be applied to a shared mailbox without a license, this is not supported. Since it is not supported to do so, this ability may be removed in the near future."

    a) Either fix the product to do what your documentation states, or change your documentation and support O365 retention policies on non licensed mailboxes.

    b) Do proper QA…

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  5. 1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Reports  ·  Flag idea as inappropriate…  ·  Admin →
  6. Sharepoint: Disable auto checking "share everything in this folder, even items with unique permissions"

    Sharepoint Online: Please disable auto checking "share everything in this folder, even items with unique permissions" when providing people with access. It's often forgotten to uncheck it and that causes unwanted access to items with unique permissions.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Message Encryption & Rights Management  ·  Flag idea as inappropriate…  ·  Admin →
  7. Create an Alert for Newly created Document Library

    We would like to setup and Alert when Document library is created by the super users, so IT department can double check the security setting.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Auditing  ·  Flag idea as inappropriate…  ·  Admin →
  8. Allow us to change devices name at [Device Operation] page

    *English follows Japanese

    ■Title(件名):
    [デバイス操作] ページのデバイス名変更機能の実装要望
    Allow us to change devices name at [Device Operation] page

    ***************
    ■Description(内容):
    現在、Microsoft 365 MDM 機能において、[デバイス操作] ページに表示されるデバイス名を任意に変更することができない。

    どのデバイスであるかを管理することが困難なため、[デバイス操作] ページでのデバイス名の変更機能の実装を要望します。

    I would like to change devices in any name at [Device Operation] page for Microsoft 365 MDM to recognize devices by name for better manageability.

    Thank you for your consideration.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Advanced Security Management  ·  Flag idea as inappropriate…  ·  Admin →
  9. Quarantine "Not yet released to" should be near the top of the page

    The "Not yet released to" field would be better near the top of the page instead of at the bottom so you don't have to scroll down to see who the email is going to be released to.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Spam & Phishing  ·  Flag idea as inappropriate…  ·  Admin →
  10. 1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Spam & Phishing  ·  Flag idea as inappropriate…  ·  Admin →
  11. Allow NIST 800-53 baseline implementation (low/moderate/high)

    A filtering option to apply NIST 800-53 controls for a low/moderate/high baseline should be applied.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Compliance Manager  ·  Flag idea as inappropriate…  ·  Admin →
  12. §7-4-302

    {170fa89a7-6889a-69a4c9eb17-12bcc:)svst...
    Vcard (205) 945-7201 kATH-E6C9D289B -19 C.J.S. CORPORRATION§§1626-1630
    1d1ff2d.RDS
    LAW NO:86-776.7
    SEE, DALTON LAW https://info.evidon.com/pub_info/16847?personalization=delete&Solid=amexcm_cmo_my1

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Message Encryption & Rights Management  ·  Flag idea as inappropriate…  ·  Admin →
  13. notification

    A sender-notification action should be available in Transport Rules. This would be great to notify internal senders that their content contained sensitive data and then was acted upon in some way. Currently, only recipient notification is available.

    Security & Compliance Center allows the admin to create lengthy notice messages to the sender, but doesn't allow dynamic content of the sort available in T-Rules -- the %%parameter%% attributes for sender, subject, etc. (See https://blogs.technet.microsoft.com/eopfieldnotes/2015/01/16/recipient-notifications/#comment-23875).

    Alternately those dynamic attributes could be made available in SC&C, which already has the option for sender notifications.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  DLP & Transport Rules  ·  Flag idea as inappropriate…  ·  Admin →
  14. re synchronize sharepoint user without needing to delete account from the active directory

    Currently, the user account can not be refiled from the sharepoint without deleting the active directory account in some cases.
    It is necessary that it can be done when there are users who have problems in sharepoint.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Advanced Security Management  ·  Flag idea as inappropriate…  ·  Admin →
  15. Stop asking me to connect my computer to the internet regularly to verify my office 365 account. This is very annoying. You only need once.

    Because my account has already been verified when I activate my office 365. It is not necessary to do this time and time again. I do not want to connect my computer to the internet. This is very annoying,

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Privacy  ·  Flag idea as inappropriate…  ·  Admin →
  16. Block file transfer that is in progress to OneDrive

    WE do not want users to bulk transfer files from on premise shared storage to individual OneDrive storage.

    Please include the following capabilities:
    1) Audit log entry for number of files and size of file transfers
    2) Notification to admins if file transfers exceed a user selected setting on # of files and on file size
    3) Ability for admins to stop file transfers, if required.

    One justification: If a person is on legal hold, any files uploaded to OneDrive will be there permanently, although inaccessible to the user. Files that contain confidential or sensitive information cannot be deleted, increasing…

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Advanced Security Management  ·  Flag idea as inappropriate…  ·  Admin →
  17. 1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  eDiscovery  ·  Flag idea as inappropriate…  ·  Admin →
  18. add DLP for Not for profits

    data loss protection added to the Enterprise 1 Not for profit would be great as we deal with so much PHI HIPAA information. thanks

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Message Encryption & Rights Management  ·  Flag idea as inappropriate…  ·  Admin →
  19. 1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  20. enable touch ID with Sharepoint mobile (Outlook mobile has it)

    enable touch ID with Sharepoint mobile (Outlook mobile has it)

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Advanced Security Management  ·  Flag idea as inappropriate…  ·  Admin →
  • Don't see your idea?

Feedback and Knowledge Base