Feedback by UserVoice

Dean B

My feedback

  1. 1,871 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    73 comments  ·  Office 365 Security & Compliance  ·  Flag idea as inappropriate…  ·  Admin →
    Dean B supported this idea  · 
    An error occurred while saving the comment
    Dean B commented  · 

    We are very frustrated by this lack of functionality since our customers can no longer rely on e-mail communications to relay urgent messages and delivery issues with us.

    Microsoft's failure to address this concern sends a clear message that they have little regard for business continuity and is forcing us to look at other options.

    An error occurred while saving the comment
    Dean B commented  · 

    This is an important feature but we were able to get by most of the time because the daily quarantine e-mail would allow them to release messages. There was only the odd e-mail that was time sensitive. However, now that the notifications no longer provide a link to release quarantined e-mail, there is no way for them to release the mail on their own.

    I find it hard to believe that Microsoft is forcing us to use the Security and Compliance portal when there is still a gap this large between the legacy solution and the new one, especially when this gap was identified almost 3 years ago.

  2. 83 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    Dean B supported this idea  · 
    An error occurred while saving the comment
    Dean B commented  · 

    I take issue with the new quarantine notification e-mail do not work for three main reasons:
    1. We make fairly heavy use of shared mailboxes and non-administrators are unable to release quarantined messages to shared mailboxes. Given the very large number of false positives we've been seeing, this is becoming a significant resource drain on our IT department.
    2. To limit susceptibility to phishing attempts, our users are under strict instructions to never provide their credentials to any page landed at from an e-mail hyperlink. At very least, we need a method or option of stripping the hyperlinks from these notifications.
    3. Unlike the previous quarantine notifications that had the release button embedded, the new method will require training for many of our less savvy users.

    Issues like this are a clear indication that Microsoft has little regard for business continuity, forcing us to consider alternatives.

  3. 3,629 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    199 comments  ·  Office 365 Security & Compliance  ·  Flag idea as inappropriate…  ·  Admin →

    Azure Active Directory Conditional Access has functionality for “Countries/Regions” – see https://docs.microsoft.com/en-us/azure/active-directory/conditional-access/location-condition

    That said, the most effective protection you can have against password spray attacks is to enable MFA and disable basic authentication. If you cannot do this for your entire organization, then blocking user access to legacy protocols like POP, EWS, IMAP and SMTP is another step you can take. Exchange Online Client Access Rules can help you to further customize (https://docs.microsoft.com/en-us/exchange/clients-and-mobile-in-exchange-online/client-access-rules/client-access-rules). For additional recommendations, please see Office 365 Secure Score.

    That said, please know that we are listening to feedback and working on solutions to help make Office 365 users more secure. Thank you for the feedback.

    Dean B supported this idea  · 
    An error occurred while saving the comment
    Dean B commented  · 

    I find it completely unacceptable that this product would be marketed for business use without providing the ability to perform IP blocking. I even trialed Azure Premium and confirmed John P's statement that it authenticates the user before checking the conditional access rules, allowing an attacker to confirm validity of a password. So, even if you do purchase Azure Premium, conditional access is almost completely useless.

    I think this is the straw that will force me to look for alternatives to o365. I moved to o365 with the intent of relieving myself from the burden of managing an on-prem e-mail services but am finding my administrative overhead has increased by at least 400% since moving to o365.

  4. 584 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)

    Thank you for taking the time to submit this feedback. Since there are multiple pieces and layers of feedback in this single post, it makes it more difficult than many to address. First, let us share a little about what we’ve been doing. Since this post was made, we have prioritized performance and reliability improvements for both Message Trace (inside 7 days) and Historical Search (typically outside of 7 days). We’ve added details to Message Trace that weren’t there before, decreasing the need to run Historical Searches inside of 7 days. For Historical Search, we have improved the results to be more clear for those who are not familiar with the Exchange Message Tracking log format. Additionally, while we get the total value of Message Trace, we’ve also prioritized reducing the constant need to search & destroy. We’ve made tremendous strides in effectiveness, even as the bad guys got more…

    Dean B supported this idea  · 
  5. 463 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    in the plans  ·  19 comments  ·  Office 365 Security & Compliance » Auditing  ·  Flag idea as inappropriate…  ·  Admin →
    Dean B supported this idea  · 

Feedback and Knowledge Base