Feedback by UserVoice

Microsoft Information Protection (MIP)

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Screensharing of Azure RMS protected files on Teams.

    Team members see a black screen if we try to show an Azure RMS protected file.
    Please add the permission to share screen of Azure RMS protected file on Teams.

    2 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Rights Management  ·  Flag idea as inappropriate…  ·  Admin →
  2. Improve end user experience when opening an expired protected file

    When the users open the encrypted file which is expired, it will pop out the message to inform the users "you don't have the permission to open".

    The message is too general, should be more specific to let the user know why he/she cannot open the file.

    2 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Rights Management  ·  Flag idea as inappropriate…  ·  Admin →
  3. More than 500 encryption labels

    I was wondering if the limit of 500 encryption label is due for increase at any time. We potentially need encryption labels per project (ie each label defines a project specific set of who is allowed to access). We will probably very soon run out of labels in this case. Any thoughts welcome.

    2 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Rights Management  ·  Flag idea as inappropriate…  ·  Admin →
  4. Add an Advanced Setting to enforce 'offline access' option from the Protection Template

    Hello,

    we have two options to set the 'offline access' time:
    - in the protection template of a label
    - via PowerShell

    The more restrictive option is always prioritized.

    I would like to have an Advanced Setting which lets me choose which one to enforce per label.

    For example:
    - Label: Confidential \ All Employees (7 days offline access)
    - Label: Strictly Confidential \ Custom Permissions (0 days offline access)

    When I want to enforce the 0 days offline for custom permissions I need to set them via PowerShell.
    But then these 0 days are also enforced for the 'Confidential…

    3 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Rights Management  ·  Flag idea as inappropriate…  ·  Admin →
  5. MIP integration with Dynamics365

    --> Dynamics365 must be able to consume MIP encrypted documents and e-mails
    --> Dynamics365 should be able to create documents/reports and emails that are MIP classified and protected

    2 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Rights Management  ·  Flag idea as inappropriate…  ·  Admin →
  6. DKIM sign all internal e-mails

    On a tenant with DKIM configured and enabled, using a domain with a configured DMARC policy, Microsoft does not DKIM sign the message.

    This might seem fine to Microsoft, the message originates and terminates within their system, and to Microsoft there's no reason to enable features that allow other systems to verify the authenticity of those e-mails.

    This ignores third party e-mail filters that hook in to O365 to catch phishing attempts. Phishing of internal e-mail domains would be the most difficult to catch for average users.

    Another scenario not involving third party tech solutions is this that DMARC alignment…

    7 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    2 comments  ·  Rights Management  ·  Flag idea as inappropriate…  ·  Admin →
  7. IRM PDF Reader for MacOS

    Currently there are no IRM supporting PDF readers for MacOS rendering the entire solution unusable for hybrid (Mac and Windows) environments.

    Optionally, add ability to exclude ".pdf" files from IRM protection in a protected library or an option to enable IRM on spesific folders.

    https://docs.microsoft.com/en-us/microsoft-365/compliance/sp-compatible-pdf-readers-for-irm?view=o365-worldwide

    1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Rights Management  ·  Flag idea as inappropriate…  ·  Admin →
  8. Allow RMS to only apply to email, not attachments

    Linux users are unable to do anything with Office docs sent via email with RMS applied. It would be great if there were a way to create a rule to apply RMS, but exempt any attached Office documents. That way the MIME enclosures would still be encrypted, but not controlled by RMS so they can be downloaded and used using OWA.

    2 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Rights Management  ·  Flag idea as inappropriate…  ·  Admin →
  9. Certificate Mismatch workaround option for Outlook Mobile

    Certificate Mismatch is a common situation across DoD where a user’s CaC was originally used with one email address (john.doe@mail.mil), however the user’s email address may actually be john.doe@unit.mil. It’s commonplace for users to move between joint commands creating a mismatch. There is verified Customer impact for USAF, USMC, Army, Navy and USACE. All use the current workarounds on-premises and cloud for both Outlook and OWA. Current workarounds only exist for Outlook desktop client (SupressNameChecks at https://support.microsoft.com/en-us/help/276597/how-to-turn-off-e-mail-matching-for-certificates-in-outlook ), and OWA (AllowUserChoiceOfSigningCertificate at https://support.microsoft.com/en-us/help/2497165/sending-s-mime-encrypted-mail-from-owa-returns-the-error-outlook-web-a ), but no workaround exists for Outlook Mobile.

    1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Rights Management  ·  Flag idea as inappropriate…  ·  Admin →
  10. Make IRM encryption and "do not forward" work with dynamic distribution groups

    Refer https://support.microsoft.com/en-us/help/4459264/cannot-view-office-365-irm-encrypted-message-for-ddg, "Assume that you send an email to an Exchange Online Dynamic Distribution group (DDG) that has an Azure Information Protection Information Rights Management (IRM)-protected template applied, such as "Do Not Forward." When the recipient tries to open the email, they are redirected to Outlook on the web (OWA). OWA displays a button to read the message, but selecting the button does not work, and the recipient gets caught in an infinite loop without being able to view the message."

    Apparently "This behavior is by design." as "IRM encryption does not support DDGs"

    Please make these options work…

    3 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Rights Management  ·  Flag idea as inappropriate…  ·  Admin →
  11. We need a GUI for OME Branding in the Exchange Admin panel.

    Some things work better on the command line. This is not one of those things. Being able to update text, and graphics with a live example of how the message will look is critical to success here. The support article doesn't talk about verification. What's the workflow here? Run some PowerShell commands, send an e-mail, wait, look at the formatting, and then try again? That's not an efficient way to edit a visual style. The editor should be like a WYSIWYG editor. As you change the elements on the right sidebar the content in the middle changes, showing what the…

    1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Rights Management  ·  Flag idea as inappropriate…  ·  Admin →
  12. Block User Non-TLS Connections To Exchange

    Currently, users connecting to an O365 mail server may do so over a Non-TLS connection.

    To my surprise Microsoft confirm that these non-secure connections cannot be blocked.

    This allows users to intentionally or unintentionally configure mail readers to connect over a non-secure connection.

    Blocking non-secure connections to a mail server has been a feature available to many mail servers on Linux for over a decade.

    Please consider supporting a feature to block Non-TLS connections.

    1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Rights Management  ·  Flag idea as inappropriate…  ·  Admin →
  13. MIP can grant rights to documents based on a combination of document attributes (tags), user attributes, device attributes and other factors

    MIP currently grants access to content based on a fixed Access Control List defined in the policy.
    Granting access based on a series of arbitrarily complex rules that use attributes from different sources (Attribute Based Access Control or ABAC) would enable more flexible document protection scenarios such as limiting access to people based on the project they work in, their role in the organizational structure, their training status and more, and including in the decision different aspects of the document including whether the document is tagged as final, if it is flagged for external use or if it is related…

    2 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    under review  ·  0 comments  ·  Rights Management  ·  Flag idea as inappropriate…  ·  Admin →
  14. Enable the encrypt button in Outlook for Business Premium subscriptions

    Enable the OME encrypt button in Outlook for users with a Business Premium with OME bolted on. This appears in OWA so why shouldn't it also be available in Outlook. If you are paying for the licence you should get the tools you need to use it.

    17 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Rights Management  ·  Flag idea as inappropriate…  ·  Admin →
  15. Block email if manager attribute is empty in message approvals

    message approval action in transport rule will check for empty manager attribute and if manager attribute is empty then will block or reject the message.

    14 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Rights Management  ·  Flag idea as inappropriate…  ·  Admin →
  16. Encrypted message indicator on SENT messages is needed

    Outlook does not show the encryption status of messages sent. After sending an encrypted message, there is no way to show that it was actually encrypted.

    1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Rights Management  ·  Flag idea as inappropriate…  ·  Admin →
  17. Forward labeled message exposed

    Confidential (All Employees) Labeled message was forward to external, and external able to view the entire message thread. Is this a security flaw?

    1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Rights Management  ·  Flag idea as inappropriate…  ·  Admin →
  18. Allow policies not to automatically grant owner right to document creators

    While document creators have by definition unrestricted access to the data they add to the document, having owner rights would allow them to later extract data others have added to the documents they created. Owner rights also allow creators to downgrade classification on documents that have already been classified.
    The suggestion is to have a setting on each policy that when enabled does not automatically grant the creator of a document full control rights or the ability to reclassify once the document is closed. This should enable revocation of access for content creators and would also prevent such users from…

    23 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    7 comments  ·  Rights Management  ·  Flag idea as inappropriate…  ·  Admin →
  19. OWA should respect message expiration rules

    When an inbound rule causes content expiration (for example, message expires after 3 days), then the messages is expired and no longer accessible in Outlook Desktop for Mac and Windows, BUT is still plainly visible in OWA with all content. OWA even shows a message saying "This message will expire on: <date in the past>" and still shows the full message and attachments. A huge gap in security, not sure how this even meets an MVP for this capability.

    5 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    2 comments  ·  Rights Management  ·  Flag idea as inappropriate…  ·  Admin →
  20. Add Mailbox View for Encrypted Email

    Add a mailbox view for recipients of messages encrypted by OME. Right now, recipients have to click on the link in each individual email. We would like for recipients to be able to click on that same link and be presented with an OWA-like view that shows all encrypted messages received for a given time period. We deal with many companies that receive several encrypted emails from us each day and having a mailbox view of those messages would be ideal.

    1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Rights Management  ·  Flag idea as inappropriate…  ·  Admin →
← Previous 1 3 4 5
  • Don't see your idea?

Feedback and Knowledge Base