Feedback by UserVoice

Microsoft Information Protection (MIP)

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Allow mailbox delegates to access protected content on behalf of managers

    If a user is a designated delegate of a mailbox of another user, allow them to access content protected to that user

    84 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    under review  ·  11 comments  ·  Rights Management  ·  Flag idea as inappropriate…  ·  Admin →
  2. An easy way to request and be granted additional rights to already protected documents

    Make it easy for document owners to receive requests for additional rights to protected documents and have that update all copies of that document i.e. maintain a central rights catalog

    74 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    3 comments  ·  Rights Management  ·  Flag idea as inappropriate…  ·  Admin →
  3. Allow Journal decryption in OME

    Currently RMS-encrypted mails can be decrypted for the purposes of journaling, but OME-encrypted mails - even though also based on RMS - does not have the same option. Set-IRMConfiguration -JournalReportDecryptionEnabled $true is used to enable RMS journal decryption. I suggest something similar is developed and made available for OME.

    52 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    8 comments  ·  Rights Management  ·  Flag idea as inappropriate…  ·  Admin →
  4. Allow for adjusting the link expiration time for an OME v2 encrypted message.

    Currently it appears set at 2 months. Would like to see ability to increase/decrease. Maybe max 1 year? Not sure the exact max needed, it would likely change by customer needs/retention policy.

    43 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    4 comments  ·  Rights Management  ·  Flag idea as inappropriate…  ·  Admin →
  5. Encrypt Only as an outcome of a sensitivity label

    The new version of OME that is now more integrated into AIP needs to have an encrypt only option such as you can configure using the message classification configuration.

    The DNF use case is too restrictive for our organisation.

    Thank you for consideration.

    43 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    We're working on it!  ·  7 comments  ·  Rights Management  ·  Flag idea as inappropriate…  ·  Admin →
  6. Read receipt for when encrypted email is read.

    Products like ZIX are able to deliver a notification when someone reads the encrypted message they were sent.
    Our Customer has requested this feature to be added in O365

    28 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    4 comments  ·  Rights Management  ·  Flag idea as inappropriate…  ·  Admin →
  7. Office apps on all platforms move to AES256/CBC (from AES128/ECB)

    Update the encryption to 256 from 128 on all Office endpoints

    26 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    under review  ·  1 comment  ·  Rights Management  ·  Flag idea as inappropriate…  ·  Admin →
  8. Allow policies not to automatically grant owner right to document creators

    While document creators have by definition unrestricted access to the data they add to the document, having owner rights would allow them to later extract data others have added to the documents they created. Owner rights also allow creators to downgrade classification on documents that have already been classified.
    The suggestion is to have a setting on each policy that when enabled does not automatically grant the creator of a document full control rights or the ability to reclassify once the document is closed. This should enable revocation of access for content creators and would also prevent such users from…

    23 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    7 comments  ·  Rights Management  ·  Flag idea as inappropriate…  ·  Admin →
  9. Prevent FullAccess delegated Users to read Protected Mails in OWA!

    If a user (secretary) has "Full Access Permission" to the Mailbox of another User (her Boss) she can't read protected mails in Outlook which is ok BUT: she is able to read them if she opens the other users mailbox in OWA. This is a serious security problem and shoud be fixed immediately.
    Only the MailboxOwner should be able to read protected Mails.

    18 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    7 comments  ·  Rights Management  ·  Flag idea as inappropriate…  ·  Admin →

    While some of our customers consider access by a mailbox delegate a problem, others have said they consider it a must have (e.g. for executives whose admin does all their email). In some cases, both behaviors are necessary within the same organization.
    We are evaluating possibilities for implementing a solution that addresses both cases.

  10. Enable the encrypt button in Outlook for Business Premium subscriptions

    Enable the OME encrypt button in Outlook for users with a Business Premium with OME bolted on. This appears in OWA so why shouldn't it also be available in Outlook. If you are paying for the licence you should get the tools you need to use it.

    16 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Rights Management  ·  Flag idea as inappropriate…  ·  Admin →
  11. Block email if manager attribute is empty in message approvals

    message approval action in transport rule will check for empty manager attribute and if manager attribute is empty then will block or reject the message.

    14 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Rights Management  ·  Flag idea as inappropriate…  ·  Admin →
  12. Split "track" and "revoke" functionality

    As we sometimes see the need for revoking access to a content, but not necessarily tracking of it (due to privacy reasons), it would be great if these two functionalities are not bundled but can be enabled separately. The workaround to enable the "do not track" company wide, and hence use the revocation could work, but still the button label "Track and Revoke" may mislead the users.

    13 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    under review  ·  0 comments  ·  Rights Management  ·  Flag idea as inappropriate…  ·  Admin →
  13. Office 365 Message Encryption - One time passcode not working outside Microsoft system

    The one time passcode was working few weeks ago for people outside of our organization, but it is no longer working and nothing has been changed from our end. I have been on a call with Microsoft Support and they told me that will not work with Gmail, which is not acceptable because our clients have their domain integrated with Google and they are using Gmail. It is also not working with Yahoo as well. OTP works with Hotmail because it is a Microsoft product. I know it works using a Microsoft Live account but that is not the point.…

    12 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    2 comments  ·  Rights Management  ·  Flag idea as inappropriate…  ·  Admin →
  14. Office 365 Message Encryption: Set Custom Subject in Notification Email

    When an email with OME is sent, it is delivered to the recipient as a notification with instructions to view the message on the portal. The body of that notification is changed, but the subject of the original email is preserved. Please provide the option (another parameter in Set-OMEConfiguration) to set a custom subject for that notification email while still preserving the original subject when the recipient views the email in the portal.

    For example, allow an administrator to replace the notification email's subject with something like "You have a new encrypted message." Ideally, it would be great if we…

    12 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Rights Management  ·  Flag idea as inappropriate…  ·  Admin →
  15. Protection with user-defined permissions should allow additional settings. e.g setting Allow Offline Access which is not set by Office

    When setting Protection policy with Set User Defined Permissions, the Admin should be able to include settings like Allow Offline Access within the Protection policy. This would then act the same as a protection policy with no users defined except for the Allow Offline Access setting, and the Office user selecting users and permissions.

    10 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Rights Management  ·  Flag idea as inappropriate…  ·  Admin →
  16. SMTP through Exchange Online with Azure Info Protect

    It would be great if mail messages generated and sent via a PowerShell or Telnet SMTP sessioin could make use of Azure Info Protect instead of RMS.

    For example, if I enter the command:
    PS C:\Users\fakeuser> Send-MailMessage -From noreply@blah.com -To fakedude@gmail.com -Subject "Testing Encryption Again2" -Bo
    dy "Test PowerShell message send which should be encrypted" -SmtpServer smtp.office365.com -Credential $msolcred -UseSs
    l -Port 587

    Currently, I can only get either of 2 outcomes by doing this:
    1.) If I change a label to detect the use of a keyword (i.e. the word "credentials") and then apply 'Highly Confidential', AIP does not…

    9 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Rights Management  ·  Flag idea as inappropriate…  ·  Admin →
  17. Simply enroll S/MIME certificates to users with 3rd Party Certificate Authority

    Enrolling S/MIME certificates for email encryption/signing is such a pain. Could Microsoft team up with a 3rd Party CA like Thawte and easily enroll and configure this certificate to users in the organization? Microsoft should be able to configure the certificate in Outlook Client, Web Access and Outlook Apps without any user interaction required.

    9 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Rights Management  ·  Flag idea as inappropriate…  ·  Admin →
  18. S/MIME different digital certificate can be associated to different (correspondingly verified) email accounts of the same profile.

    S/MIME different digital certificate can be associated to different (correspondingly verified) email accounts of the same profile. Outlook should have the option of associating different "signature blocks" to different emails to associate different digital certificates to the respective verified email/account.

    8 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Rights Management  ·  Flag idea as inappropriate…  ·  Admin →
  19. DKIM sign all internal e-mails

    On a tenant with DKIM configured and enabled, using a domain with a configured DMARC policy, Microsoft does not DKIM sign the message.

    This might seem fine to Microsoft, the message originates and terminates within their system, and to Microsoft there's no reason to enable features that allow other systems to verify the authenticity of those e-mails.

    This ignores third party e-mail filters that hook in to O365 to catch phishing attempts. Phishing of internal e-mail domains would be the most difficult to catch for average users.

    Another scenario not involving third party tech solutions is this that DMARC alignment…

    5 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    2 comments  ·  Rights Management  ·  Flag idea as inappropriate…  ·  Admin →
  20. OWA should respect message expiration rules

    When an inbound rule causes content expiration (for example, message expires after 3 days), then the messages is expired and no longer accessible in Outlook Desktop for Mac and Windows, BUT is still plainly visible in OWA with all content. OWA even shows a message saying "This message will expire on: <date in the past>" and still shows the full message and attachments. A huge gap in security, not sure how this even meets an MVP for this capability.

    5 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    2 comments  ·  Rights Management  ·  Flag idea as inappropriate…  ·  Admin →
← Previous 1 3 4 5
  • Don't see your idea?

Feedback and Knowledge Base