Feedback by UserVoice

Jim K

My feedback

  1. 97 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    Jim K commented  · 

    Alan,
    Conditional access is a paid feature. This should be included for free with office 365 subscription.

    Jim K supported this idea  · 
    Jim K commented  · 

    Microsoft's default security setup for office 365 is terrible - i.e. non existent. If we could easily block login attempts from outside of the US we would have never had all the problems with users accounts getting hacked. There are 0 security alerts an admin can get (new device / location login), suspicious activity reports / alerts (our azure reports DO NOT work and azure support has said they can't help). For a business product that's supposed to require little IT knowledge, it is incredibly insecure. Unfortunately many of these ideas are spread out on uservoice and should probably be considered one idea so microsoft actually pays attention:

    https://office365.uservoice.com/forums/289138-office-365-security-compliance/suggestions/18564889-conditional-access-by-network-location

    https://office365.uservoice.com/forums/289138-office-365-security-compliance/suggestions/18297652-enable-geofencing-in-office365

    https://office365.uservoice.com/forums/289138-office-365-security-compliance/suggestions/9785337-simple-auditing-for-user-mailboxes-and-accounts

    https://office365.uservoice.com/forums/289138-office-365-security-compliance/suggestions/19571491-suspicious-login-reports-and-alerts

  2. 60 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    8 comments  ·  Office 365 Security & Compliance  ·  Flag idea as inappropriate…  ·  Admin →
    Jim K commented  · 

    Microsoft's default security setup for office 365 is terrible - i.e. non existent. If we could easily block login attempts from outside of the US we would have never had all the problems with users accounts getting hacked. There are 0 security alerts an admin can get (new device / location login), suspicious activity reports / alerts (our azure reports DO NOT work and azure support has said they can't help). For a business product that's supposed to require little IT knowledge, it is incredibly insecure. Unfortunately many of these ideas are spread out on uservoice and should probably be considered one idea so microsoft actually pays attention:

    https://office365.uservoice.com/forums/289138-office-365-security-compliance/suggestions/18564889-conditional-access-by-network-location

    https://office365.uservoice.com/forums/289138-office-365-security-compliance/suggestions/18297652-enable-geofencing-in-office365

    https://office365.uservoice.com/forums/289138-office-365-security-compliance/suggestions/9785337-simple-auditing-for-user-mailboxes-and-accounts

    https://office365.uservoice.com/forums/289138-office-365-security-compliance/suggestions/19571491-suspicious-login-reports-and-alerts

    Jim K supported this idea  · 
    Jim K commented  · 

    I would add that a location based on ip address would be helpful as well. I need to quickly be able to see if an account was accessed outside of a state / country it should be accessed from, I know there is an issue (without looking up each ip address). There should also be some admin alerts based on these logs - e.g. x amount of failed logins triggers alert to admin or any logins from outside the U.S. could trigger alert.

  3. 19 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Office 365 Admin  ·  Flag idea as inappropriate…  ·  Admin →
    Jim K shared this idea  · 
  4. 418 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    26 comments  ·  Office 365 Security & Compliance » Reports  ·  Flag idea as inappropriate…  ·  Admin →
    Jim K commented  · 

    Also, like Google already does, an email should be sent to the recipient when there is a new login from a device. This should at least be a configurable setting for admins. There is literally no "turned on by default" security measure in place for office 365. Users give up their credentials in phishing attempts all the time. We need more measure in place for admins to combat these issues.

    Jim K shared this idea  · 
  5. 162 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    8 comments  ·  Office 365 Groups  ·  Flag idea as inappropriate…  ·  Admin →
    Jim K supported this idea  · 
  6. 1,350 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    158 comments  ·  General  ·  Flag idea as inappropriate…  ·  Admin →

Feedback and Knowledge Base