Feedback by UserVoice

Office 365 Security & Compliance

We have partnered with UserVoice, a third-party service and your use of the portal and your submission is subject to the UserVoice Terms of Service & Privacy Policy. Please do not send any novel or patentable ideas, copyrighted materials, samples or demos for which you do not want to grant a license to Microsoft.

Welcome to the Security (Protection) & Compliance UserVoice forum. We’re happy you’re here! If you have suggestions or ideas on how to improve Security or Compliance related features in O365, we’d love to hear them!

How it works
◾Check out the ideas others have suggested and vote on your favorites
◾If you have a suggestion that’s not listed yet, submit your own — 25 words or less, please
◾Include one suggestion per post

Thanks for joining our community and helping improve these features in Office 365!

Need Tech Support? Please see the O365 Community for the product or feature you are having issues with, or open a support ticket through your Office 365 administrator portal.

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Can Service Trust Portal support IE11 soon?

    It would be nice that Service Trust Portal will support IE11 soon!

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Service Trust Portal  ·  Flag idea as inappropriate…  ·  Admin →
  2. When an email from an external sender is sent to hosted quarantine for any reason (i.e. attachment type), notify the sender with reason.

    We have a transport rule that moves external email with specific attachment types to hosted quarantine - so we can release them if we need to. We would like to be able to send replies to the sender - asking them to consider re-submitting their email with an acceptable document type such as PDF.
    We could do this if we simply blocked the message altogether, but the idea of hosted quarantine is that we can review and release if it is necessary, without involving the original sender.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Malware  ·  Flag idea as inappropriate…  ·  Admin →
  3. 1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  4. Allow Export of folders for user instead of search in Security and Compliance.

    Allow Export of folders for user instead of search in Security and Compliance.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  5. DLP notifications webhook

    DLP Alerts should also have webhook capability and not just email.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  DLP & Transport Rules  ·  Flag idea as inappropriate…  ·  Admin →
  6. Custom sensitive information type - Allow minimum count for regex

    The GUI does not allow the minimum count for regex, only keywords. By allowing minimum count for Regex. This is to ensure eDiscovery search cases provide the same response as DLP policies.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  DLP & Transport Rules  ·  Flag idea as inappropriate…  ·  Admin →
  7. UI: please add an export button at the end of the controls

    Please add another "Export to Excel" button at the end of the controls page.
    It usually makes me first scrolling down - recognizing that the button is not there - and scrolling all the way back to the top. Just doublicate the button!
    Thanks!

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Compliance Manager  ·  Flag idea as inappropriate…  ·  Admin →
  8. Update DLP rules to close Document Versioning loophole

    A file that passes the DLP rules can still contain visible Sensitive information in a previous version of the file. This directly bypasses the intended behaviour of the whole DLP system (to restrict access to sensitive information).

    One of the primary ways to unlock a DLP locked file is to update the file to remove the sensitive information. By doing so the DLP flag will be removed and file access by other users restored. Currently, this actually exposes the sensitive information contained in the file because these other users can easily view the sensitive information via the version history of…

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  DLP & Transport Rules  ·  Flag idea as inappropriate…  ·  Admin →
  9. Compliance Center Issues

    I have been doing a lot of testing with Search in the Compliance Center against OD4B sites in SPO. We are a very large origination (55,000+ users) and currently have over 24,000 OD4B sites. The admin center in the Compliance Center is limited but does work as advertised to some extent. I can search and retrieve the first 200 items for preview. It is a bummer that the preview or entire results from the query can't be exported here. That led me to move to PowerShell using the Compliance Center commandlets. I am very disappointed in it's current function. I…

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  eDiscovery  ·  Flag idea as inappropriate…  ·  Admin →
  10. Can you add Malaysia Passport Number as part of the DLP template offering?

    Can you add Malaysia Passport Number as part of the DLP template offering?

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  DLP & Transport Rules  ·  Flag idea as inappropriate…  ·  Admin →
  11. Differing Status Views in Office 365 Admin Quarantine

    The 'new' admin quarantine page (to be switched over in October 2018) appears not to show status of quarantine emails. In the old view, I put in a user in the recipient field and up comes 3 emails spam or otherwise. Status reports they have been released, so if there is any question, I can say, yes, it has been released. However, on the new quarantine page view, when putting the same user in the recipient field, nothing is listed. Could this be enabled please?

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  DLP & Transport Rules  ·  Flag idea as inappropriate…  ·  Admin →
  12. Allow more than a single transport rule for OME

    Recently, I created a DLP Transport Rule for Office 365 using the US Financial Data Services as a template and the transport rule action was to Apply Office 365 Message Encryption.

    Prior to implementing this transport rule I had a simple OME policy of encryption e-mails with a high priority that were sent outside my organization.

    After spending some time trying to figure out why this Transport Rule (and corresponding action) was not working, I have learned that having more than one Transport Rule using OME is not permitted.

    I see this as a shortcoming - as using an encryption…

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  DLP & Transport Rules  ·  Flag idea as inappropriate…  ·  Admin →
  13. Statement of Applicability is not published

    Please publish the Statement of Applicability dated October 18 2018 used for Office 365 ISMS.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Service Trust Portal  ·  Flag idea as inappropriate…  ·  Admin →
  14. No alert for PII email with blank subject line

    There is no alert in Security and Compliance for an email containing PII with a blank subject. User notification and policy tip work.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  DLP & Transport Rules  ·  Flag idea as inappropriate…  ·  Admin →
  15. A locked policy can be increased or extended, but it can't be reduced or turned off. This is very bad! allows changes, but not the history

    The retention policy lock should be able to be changed! The forever unchanged is the history of content and should be backup in a separated location. Right now, if the retention policy includes SharePoint, the sharepoint site admin not even can delete the lib/list etc. This is dumb. The retention should smart enough to backup the delete files and without interrupt the users.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Advanced Security Management  ·  Flag idea as inappropriate…  ·  Admin →
  16. AIR (preview) add warning banner to actions approval

    Currently AIR might find that normal links to Facebook or LinkedIn company pages are malicious, and consequently suggest in an investigation to delete any mail with such links. It's currently too easy to just approve 5-7 suggested actions of a suspect malicious mail - and perhaps delete 1 million legit mail in the process.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Spam & Phishing  ·  Flag idea as inappropriate…  ·  Admin →
  17. The operation log of the audit log cannot be confirmed in detail

    The operation log of content search is confirmed in the audit log.
    However, although it is output as a search result, I would like to check in detail, such as "Administrator A confirmed the email received at User A's 8/1 11:11".
    ----

    コンテンツ検索の操作ログを、監査ログにて確認しています。
    しかし、検索結果としては出力されますが、「管理者 A がユーザー A の8/1 11:11 に受信したメールを確認した」のように細かく確認したいです。

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Auditing  ·  Flag idea as inappropriate…  ·  Admin →
  18. Centralised way to clear user's suggestions

    Suggestions can only be cleared by users selecting the X next to the suggestion.

    Provide O365 admin the ability to clear a user's suggestions or a collection of users (domain or tenancy).

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Advanced Security Management  ·  Flag idea as inappropriate…  ·  Admin →
  19. Allow searching of second level malware family without adding top malware family as search item

    The threat explorer allows to search for malware families. You need to enter either the top-level Malware Family or top-level+second-level malware family. This makes searching for malware, without knowing the exact top level family very difficult.

    Example : Searching for "DDE".
    In order to find all malware related to DDE you need to include "O97M" (top malware) in the search for DDEDownloader.C

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Malware  ·  Flag idea as inappropriate…  ·  Admin →
  20. To warn users not to use To and CC when sending email to multiple customers due to PDPA

    There's no DLP rule to prompt user of a shared mailbox not to use "To" and "CC" field but to use BCC. This is for situation where user of a shared mailbox wants to send promotional and announcements information to customers but don't want to reveal the customers' email addresses due to PDPA.

    It'd be very helpful if it prompts (warning message) to user not to use To and CC but to use BCC field instead when sending email to multiple recipients such as customers.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  DLP & Transport Rules  ·  Flag idea as inappropriate…  ·  Admin →
  • Don't see your idea?

Feedback and Knowledge Base