Microsoft Information Protection (MIP)
-
OME One-Time Passcode should support SMS
Office 365 Message Encryption can be leveraged in case of a delegated inbox scenario. If an encrypted message is sent to a person who's inbox is delegated e.g. to a secretary the delegated has the ability to request a one-time passcode to the delegated inbox and so full access on the OME protected message can be gained.
This scenario could be avoided by sending the one-time passcode using SMS because then the delegated has no access to the one-time passcode.
98 votes -
Tracking and Revocation of email messages protected with OME
Azure Information Protection will be able to apply the same tracking and revoke features on email that today are available for documents.
79 votesRevocation of protected emails formatted with OME is now in preview.
https://docs.microsoft.com/en-us/office365/securitycompliance/revoke-ome-encrypted-mail
Please note that email tracking functionality is not yet included in this preview. -
Enable Exchange DLP, eDiscovery, Journaling and other functions to decrypt protected attachments
Add new options in EXO DLP to interrogate and analyze protected attachments in unprotected emails or in emails protected with a different policy.
43 votesSupport for attachments in protected emails (with the same or different policy) is already available, support for protected attachments in unprotected emails is being completed (currently in testing).
-
Provide 'Secure Email' scenarios to On-Prem Exchange users
Providing the same secure mail to anyone scenarios to users with on-premises Exchange Server mailboxes
37 votes -
Allow modification to Do Not Forward template
The DNF template has restrictions on copy, print and export. Some customers would like to modify this template for example to allow print.
Maybe also a possibility to add a company wide scope of users to this dynamic rule like the request in
https://msip.uservoice.com/forums/600097-azure-information-protection/suggestions/19602400-dynamic-protection-templatesAnd the possibility for the sending user to add more users to the permission list with BCC and without BCC
for example if Sara@contoso.com send DNF to Anna@contoso.com and Lisa@adatum.com but wants Anna@contoso.com to be co-owner.
if Sara@contoso.com send DNF to Lisa@adatum.com but wants her team to be co-owner.
31 votes -
Add marking to Outlook message subject as a prefix or suffix (configurable)
Allow for a configurable prefix or suffix to be added to the subject line of an Outlook message. For example - my message subject is "Testing" when I classify this as Confidential the subject line becomes "Testing [C]" adding in an abbreviated form of the classification for quick reference and visibility in the inbox.
29 votes -
Improve support for s/mime signed and protected messages in OWA and Outlook Mobile
Currently, when sender has digitally signed a protected email in Outlook, recipients using OWA or Outlook Mobile will only see the IRM wrapper message.
If recipient uses Outlook 2016, the protected message is deciphered/rendered perfectly fine!
23 votes -
Option to change the default "Protect" action for exchange online from Do Not forward to Encrypt Only
The Do Not Forward option is the current default protect action in new exchange online emails. This protection level is very restrictive and not preffered by enterprise. The Encrypt Only option is a better fit for business. Would like to have the ability for organizations to Change the default protect action for their users to allow setting Encrypt Only as the default action.
17 votes -
Allow opening/viewing of separately protected attachments inside protected emails in the Office 365 Message Encryption portal
Under the Office 365 Message Encryption portal you can access and view a protected email once you authenticate through the portal, but you cannot access a protected attachment by choosing Preview in the Office Online viewer, as you cannot in Office Online apps generally (from SPO or OWA etc). You can only download the attachment.
10 votes -
Enforce default label for non labeled mails on the service side
This suggestion describe a scenario when all mails that are sent without a label (no AIP client, mail client that don't support labeling, enforce mandatory labeling) will be applied with the policy default label on the Exchange Online service side
7 votes -
Allow custom branding to work with email that passthrough external DLP system in transport rule
Allow custom branding to work encrypt email that has first passed through external DLP system with update to email header marked for encryption with OME and add custom branding template to email.
Currently it does not seem like custom branding is working with emails that have been updated by external DLP that has updated the header.3 votes -
OME allows for sending emails without a link but with instructions on how to log in to retrieve your emails
Some organizations have established policies by which they will never send an email with a link to their customers. Since OME includes a link to open the email, this can go counter to such policies.
OME should allow users to log in to a specific portal where they can consume their protected emails sent by the organization, in the same way they use OME today but without having to click on a link in an email.3 votes -
Extend decryption feature for OME E-mail (as like -DecryptAttachmentFromPortal)
We want to use auto decrypt feature for IRM e-mail (as like -DecryptAttachmentFromPortal).
The aim of decrypt feature is to encrypt e-mail between sender and reciever.(decrypt only e-mail's route)
This featuer is not need 3rd party SSL certification and reciever can be flexibly use the e-mail and attached contents.
We want to use the feature regardless of the user or content.3 votes -
Dynamic token injection into custom email headers
Building on this item ( https://msip.uservoice.com/forums/600097-azure-information-protection/suggestions/33963844-allow-custom-email-x-headers-defined-per-label ) there is a need to dynamically inject a token into the custom header.
IE. Embedding the user's email address into the custom header is a requirement for all Australian Government customers (~1m users nationally).2 votes -
Support Default Label for emails sent programmatically
When you don't select a default label, users are required to manually select a label. Although this is great for live users, it interferes with bulk email distribution scripts, because the process stops to wait for the selection of a label for each automatically generated email. We need to assign a default label that applies only for bulk email processes. Either that, or provide standard code that can be included in bulk email scripts to enable the assignment of an appropriate default label.
2 votes -
Protected message: This message has been sent to "you" needs to show which email adderss is the recipient
Whenever a recipient gets a protected email, the display says "This message has been sent to you" but it does not show who this "you" is meant to be. So it is impossible for the reader of the message to know if she was actually the intended recipient and it is not possible to see the email it was sent to.
This is is a problem from a practical and compliance perspective. If no system would ever forward emails or if people would never have more than one email address, it may not be an issue.
But in the real…
2 votes -
Ability to apply a different custom OME template depending on the user's Outlook language setting
We have employees that work in English and some in French. We would like to be able to apply a specific OME configuration template (i.e. French) based on the user's Outlook language setting and the label applied.
So basically, that would mean that we would like to have a transport rule that applies a specific OME template based on the language and the label applied. As of now, we cannot have a condition that looks at the email header for both the label and the language setting.
This feature would be a life saver for us!
1 vote
- Don't see your idea?