Feedback by UserVoice

David

My feedback

  1. 1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Office 365 Security & Compliance » Spam & Phishing  ·  Flag idea as inappropriate…  ·  Admin →
    David shared this idea  · 
  2. 19 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    David supported this idea  · 
  3. 5 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    David supported this idea  · 
  4. 141 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)

    custom company logo, Custom display name, and custom disclaimer is in preview and will be rolling out to customers soon

    link to quarantine site so end users can manage more than one message – feedback taken

    custom frequency for quarantine notification email -feedback taken

    David supported this idea  · 
  5. 604 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)

    Thank you for taking the time to submit this feedback. Since there are multiple pieces and layers of feedback in this single post, it makes it more difficult than many to address. First, let us share a little about what we’ve been doing. Since this post was made, we have prioritized performance and reliability improvements for both Message Trace (inside 7 days) and Historical Search (typically outside of 7 days). We’ve added details to Message Trace that weren’t there before, decreasing the need to run Historical Searches inside of 7 days. For Historical Search, we have improved the results to be more clear for those who are not familiar with the Exchange Message Tracking log format. Additionally, while we get the total value of Message Trace, we’ve also prioritized reducing the constant need to search & destroy. We’ve made tremendous strides in effectiveness, even as the bad guys got more…

    David supported this idea  · 
  6. 1,244 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    74 comments  ·  Office 365 Security & Compliance  ·  Flag idea as inappropriate…  ·  Admin →
    David supported this idea  · 
  7. 3,682 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    200 comments  ·  Office 365 Security & Compliance  ·  Flag idea as inappropriate…  ·  Admin →

    Azure Active Directory Conditional Access has functionality for “Countries/Regions” – see https://docs.microsoft.com/en-us/azure/active-directory/conditional-access/location-condition

    That said, the most effective protection you can have against password spray attacks is to enable MFA and disable basic authentication. If you cannot do this for your entire organization, then blocking user access to legacy protocols like POP, EWS, IMAP and SMTP is another step you can take. Exchange Online Client Access Rules can help you to further customize (https://docs.microsoft.com/en-us/exchange/clients-and-mobile-in-exchange-online/client-access-rules/client-access-rules). For additional recommendations, please see Office 365 Secure Score.

    That said, please know that we are listening to feedback and working on solutions to help make Office 365 users more secure. Thank you for the feedback.

    David supported this idea  · 
  8. 4,246 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    181 comments  ·  Office 365 Admin  ·  Flag idea as inappropriate…  ·  Admin →
    David supported this idea  · 
  9. 403 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)

    Thanks for taking the time to provide this feedback. We’ve updated the TechNet documentation (https://technet.microsoft.com/library/mt842508(v=exchg.150).aspx) to clear up confusion around which authentication type and protocol combinations are supported in CARs. Expanding support for more combinations could prevent bad actors with valid credentials from accessing mailbox content, but it wouldn’t help with scenarios like password spray attacks or malicious lockout attempts because CARs are evaluated post-authentication. There’s work underway on a solution that covers a broader array of basic authentication scenarios – we’ll share more details as soon as possible. In the interim, this blogpost (https://cloudblogs.microsoft.com/enterprisemobility/2018/03/05/azure-ad-and-adfs-best-practices-defending-against-password-spray-attacks/) outlines the recommended approach for forcing multi-factor authentication when using AAD and ADFS.

    David supported this idea  · 
  10. 677 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    David supported this idea  · 
  11. 242 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    16 comments  ·  Office 365 Security & Compliance » Auditing  ·  Flag idea as inappropriate…  ·  Admin →

    At this point, the Office 365 service only allows for the retention of audit entries for 90 days. Can you provide us more information regarding your requirement to keep logs for 3 years. Is this a legal obligation? Please provide details around the specific audit entries you would like to retain for an extended period of time.

    An error occurred while saving the comment
    David commented  · 

    Admin - Please change Status from 'TELL US MORE' to 'WORKING ON IT'

    David supported this idea  · 
  12. 14 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Office 365 Admin » Lync Admin  ·  Flag idea as inappropriate…  ·  Admin →
    David supported this idea  · 
  13. 223 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    11 comments  ·  General » Uncertain topic  ·  Flag idea as inappropriate…  ·  Admin →
    David supported this idea  · 
  14. 1,129 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    34 comments  ·  Office 365 Admin » Apps and App Launcher  ·  Flag idea as inappropriate…  ·  Admin →
    David supported this idea  · 
  15. 83 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    18 comments  ·  Office 365 Admin » Exchange Admin  ·  Flag idea as inappropriate…  ·  Admin →
    David supported this idea  · 
  16. 9 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    2 comments  ·  Microsoft 365 Groups  ·  Flag idea as inappropriate…  ·  Admin →
    David supported this idea  · 
  17. 1,006 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    46 comments  ·  Microsoft 365 Groups  ·  Flag idea as inappropriate…  ·  Admin →
    David supported this idea  · 
  18. 361 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    11 comments  ·  Office 365 Security & Compliance » Auditing  ·  Flag idea as inappropriate…  ·  Admin →
    David supported this idea  · 

Feedback and Knowledge Base