Feedback by UserVoice

Microsoft Information Protection (MIP)

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Impliment multifactor authentication to better control the person that can decrypt email is the intended recipient

    Now if the email is accidently sent to the wrong person they can decrypt the email and have privileged information. We need better control to ensure that only the true intended person can open email.

    5 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Rights Management  ·  Flag idea as inappropriate…  ·  Admin →
  2. Prevent downloading of attachments from encrypted messages (OME)

    I need to encrypt messages with OME that have a PDF attachment. Everything seems to work and the PDF is viewable using the online viewer however the user is permitted to download the PDF where it loses it's protection. I should be able to prevent the download of the attachment.

    5 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Rights Management  ·  Flag idea as inappropriate…  ·  Admin →
  3. 5 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    under review  ·  2 comments  ·  Rights Management  ·  Flag idea as inappropriate…  ·  Admin →
  4. Use Variable in OME Configuration

    When configuration branding and specific email text in the OME configuration file, please allow the use of variables, such as email address or display name. This will allow the customized email text to behave similar to the default text, placing the email or display name of the sender in the email body.

    5 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Rights Management  ·  Flag idea as inappropriate…  ·  Admin →
  5. Allow usage of Multiple Keys in AIP

    Currently AIP only support one Key (Either BYOK or Microsoft Managed) for Azure RMS (protection) of emails and document.
    I'd like to see an option which will allow the usage of multiple Keys and allow organization to use different keys based on the security needs, business requirements or different division within the company.

    4 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Rights Management  ·  Flag idea as inappropriate…  ·  Admin →
  6. Persistent OME Portal Page to allow Receipient login

    Would it be possible to reconfigure OME to behave like some other industry encryption tools and allow users to have a temporary mailbox to log into to retrieve messages? Then in say 30-90 days of inactivity or even just in 30-90 days the system deletes the mailbox and all contents. They would have a persistant portal to come back to like mydomain.OMEmail.onmicrosoft.com. I think this would be what most users are used to doing to retrieve encrypted messages. Just post in bold letters somewhere this email will auto-delete in xx days.

    4 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Rights Management  ·  Flag idea as inappropriate…  ·  Admin →
  7. Allow out-of-band key exchange for email encryption

    Currently, an email message can be decrypted by having a "key" sent to the user's inbox. This does little in protecting email if an attacker already has physical access to an account or knows the account credentials. It would be more secure if the user had (and forced) the option to receive the key outside of the email system (i.e. via SMS message only). If an attacker has access to an account, then in-band key exchange provides zero protection of confidentiality. Out-of-band key exchange would keep the user's encrypted email protected in spite of an attacker gaining access to the…

    4 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Rights Management  ·  Flag idea as inappropriate…  ·  Admin →
  8. RMS product support in the O365 product suite immature.

    No cross platform support even within the MS products (example: Office on Android).

    If you have RMS protected Document Libraries in SharePoint Online it is very difficult to use them in a day to day business across all platforms (Android, Apple iPad/MAC). The need to purchase 3rd party solutions to view PDF's for example is not desirable - Microsoft's own PDF reader on Win8 can't open an RMS document. There is also insufficient documentation from microsoft across the various configurations - a matrix is needed to work out how to open/edit RMS document types on the different platforms.

    4 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Rights Management  ·  Flag idea as inappropriate…  ·  Admin →
  9. Add an Advanced Setting to enforce 'offline access' option from the Protection Template

    Hello,

    we have two options to set the 'offline access' time:
    - in the protection template of a label
    - via PowerShell

    The more restrictive option is always prioritized.

    I would like to have an Advanced Setting which lets me choose which one to enforce per label.

    For example:
    - Label: Confidential \ All Employees (7 days offline access)
    - Label: Strictly Confidential \ Custom Permissions (0 days offline access)

    When I want to enforce the 0 days offline for custom permissions I need to set them via PowerShell.
    But then these 0 days are also enforced for the 'Confidential…

    3 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Rights Management  ·  Flag idea as inappropriate…  ·  Admin →
  10. Make IRM encryption and "do not forward" work with dynamic distribution groups

    Refer https://support.microsoft.com/en-us/help/4459264/cannot-view-office-365-irm-encrypted-message-for-ddg, "Assume that you send an email to an Exchange Online Dynamic Distribution group (DDG) that has an Azure Information Protection Information Rights Management (IRM)-protected template applied, such as "Do Not Forward." When the recipient tries to open the email, they are redirected to Outlook on the web (OWA). OWA displays a button to read the message, but selecting the button does not work, and the recipient gets caught in an infinite loop without being able to view the message."

    Apparently "This behavior is by design." as "IRM encryption does not support DDGs"

    Please make these options work…

    3 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Rights Management  ·  Flag idea as inappropriate…  ·  Admin →
  11. Have a built-in dashboard or report summary for business justifications and false positives that users write to override a policy tip.

    Have a built-in dashboard or report summary for business justifications and false positives that users write to override a policy tip. Otherwise there is very little proper management and consolidated of business justifications / false positives which is needed to properly access the effectiveness of the policy tip and the actual compliance of users. Also, enable sending of incident report to user's manager or compliance officer so that relevant flags are sent to the relevant people [Ticket #:14230735]

    3 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Rights Management  ·  Flag idea as inappropriate…  ·  Admin →
  12. Notification of Sensitivity Label Changes

    Send email notification to the author of a document who has applied a sensitivity label, when the label changes.

    3 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Rights Management  ·  Flag idea as inappropriate…  ·  Admin →
  13. Documents open in Read only mode, when sending an Encrypted email

    When i tried to send an encrypted email with attachment file, unable to edit the file , it opens in read-only mode , In order to edit the file, i need to save the file on my system, is there any way to edit the file without saving on the system??

    3 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Rights Management  ·  Flag idea as inappropriate…  ·  Admin →
  14. Enable tracking of protected emails consumed through all the available clients.

    Microsoft has released the ability to track consumption of OME-formatted emails but this only works for recipients that view the emails in the OME console, which is only applicable to some scenarios (e.g. B2C emails).
    For B2B scenarios, the ability to track emails consumed in Outlook or other clients (e.g. OWA, mobile or third party) is essential. This requires changing how email is consumed in some of these cases, since for example emails are licensed during delivery and not consumption in many scenarios (e.g. Mobile Outlook).

    3 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Rights Management  ·  Flag idea as inappropriate…  ·  Admin →
  15. Information Rights Management in Sharepoint to link to Azure Information Protection policies

    Azure information protection policies appear more configurable compared to SharePoint IRM. It would be great if a SharePoint IRM can be linked to an Azure information protection policy and apply its policy setting on top of the current SharePoint IRM options (which I found unsuitable to achieve my desired security configuration). Or expand the SharePoint IRM options to match the features available in Azure.

    3 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Rights Management  ·  Flag idea as inappropriate…  ·  Admin →
  16. Azure Rights Management

    I support several non-profit organisations with plan E2. Now when the new EU security is on the way it would be very helpful for them to have Azure Rights Management activated to secure their email traffic.

    Please, add Azure Rights Management to plan E2 and all "non-profit" plans.

    3 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Rights Management  ·  Flag idea as inappropriate…  ·  Admin →
  17. Visual identification of encrypted email recipients

    When performing "Check Name", the server should also test the connection to each recipients' email server and somehow identify which recipients are encrypted and which are not. I'm imaging something similar to the browser address bar for SSL certificates which show a lock (or green if paid for) or red if it's untrusted.

    Example: When sending an email message, I would like some sort of visual feedback prior to sending the message that the message will indeed be sent via TLS or other encryption method.

    3 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Rights Management  ·  Flag idea as inappropriate…  ·  Admin →
  18. Screensharing of Azure RMS protected files on Teams.

    Team members see a black screen if we try to show an Azure RMS protected file.
    Please add the permission to share screen of Azure RMS protected file on Teams.

    2 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Rights Management  ·  Flag idea as inappropriate…  ·  Admin →
  19. Improve end user experience when opening an expired protected file

    When the users open the encrypted file which is expired, it will pop out the message to inform the users "you don't have the permission to open".

    The message is too general, should be more specific to let the user know why he/she cannot open the file.

    2 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Rights Management  ·  Flag idea as inappropriate…  ·  Admin →
  20. More than 500 encryption labels

    I was wondering if the limit of 500 encryption label is due for increase at any time. We potentially need encryption labels per project (ie each label defines a project specific set of who is allowed to access). We will probably very soon run out of labels in this case. Any thoughts welcome.

    2 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Rights Management  ·  Flag idea as inappropriate…  ·  Admin →
  • Don't see your idea?

Feedback and Knowledge Base