Virus Scanning and Malware Quarantine

  • Updated

The OWL Intelligence Platform automatically scans all uploaded files for viruses and malware. If a file is identified as malicious, the system immediately protects your environment by isolating and removing the threat in a controlled and auditable manner.

This process is designed to:

  • Immediately contain malicious content
  • Prevent accidental exposure or execution
  • Minimize risk across your environment
  • Maintain a clear audit trail
  • Automatically remove infected content after a defined time period

The 7-day quarantine and automatic deletion model supports secure operations in both Commercial and GovCloud environments and aligns with common security best practices.

 

If a file is positively identified as containing malware:

  • The file is immediately placed into quarantine.
  • The file cannot be viewed, downloaded, attached to records, indexed, or accessed in any way.
  • The file is stored in a secure, isolated location where it cannot execute or impact the system.

Neither standard users nor administrators can access quarantined file contents.

 

7-Day Secure Retention Window

Malicious files are retained in quarantine for 7 calendar days from the time of detection.

During this period:

  • The file remains fully inaccessible. You cannot preview, download, or restore the file.
  • It is not placed in Trash automatically. Account Administrators may choose to delete the quarantined file early.
  • The retention period cannot be extended.
  • You may upload a clean, replacement file.

This fixed retention window supports security review needs while minimizing risk.

 

Automatic Permanent Deletion

At the end of the 7-day quarantine period:

  • The file is permanently deleted.
  • Deletion is irreversible.
  • There is no recovery or recycle mechanism.

Only system audit metadata remains for compliance and logging purposes.

 

Notifications

When a file is quarantined:

  • The uploading user receives an in-app notification.
  • Account Administrators receive an in-app notification.

The notification includes:

  • File name
  • Detection date and time
  • Confirmation that the file was quarantined
  • Scheduled deletion date and time

For security reasons, notifications do not include technical details such as malware engine names, threat signatures, CVE identifiers, or internal tooling information.

Email notifications may be enabled depending on tenant configuration.