Help Center
News
Help Center
News
Sign in
Document
Documents & PoliciesQuestionnairesControls & Technical and Organizational Measures (TOMs)Report ExplorerAsset RegisterFrameworksRecord of Processing Activities (ROPA)Exporting your ROPAVendorsImpact Assessments (IA)Legitimate Interest DocumentationsMeetings & ActivitiesRetentions & Deletions PeriodsData Collection Point (DCP)Add documents to vendors
DPIA
Assessments
ROPA
Assets
International Standards & Frameworks
TOMs & Controls
Categories & Attributes
Data Collection Points
Legal Basis
Legitimate Interest
Documents & Policies
Retention & Deletion
Data Flow
Vendors
Questionnaires
Manage
Process Risk OverviewData Flow Map
Dashboards
AI Assistance & Automation
Projects
Tasks
Meetings & Activities
Workflows & Automations
Reporting
React & Resolve
TasksProjectsIncidents & BreachesData Subject Requests
Risk Scenarios & Treatments
Incidents & Breaches
Release Notes
Q2 2026
Q1 2026
Q4 2025
Q3 2025
Q2 2025
Q1 2025
Q4 2024
Q3 2024
Q2 2024
Q1 2024
Q4 2023
Q3 2023
Q2 2023
Q1 2023
Q4 2022
Q3 2022
Getting Started
Quickstart GuideQuestionnairesTasksProcess Risk OverviewIT SettingsFrameworksThe Information Security / Asset Risk ModelData Subject RequestsDownloading an elementLegitimate Interest DocumentationsAssigning Audiences to ElementsDocuments & PoliciesControls & Technical and Organizational Measures (TOMs)General SettingsCreating attributes that fit your industryDocument list for onboardingThe Data Protection Risk ModelIncidents & BreachesProjectsManaging audiencesAdd documents to vendorsHow to answer an assessment/questionnaireSetting up the first organization or companyData Collection Point (DCP)Use AI to create elementsSetting Risk models in General SettingsSharing ElementsHow can a user change the language?Data Flow MapRecord of Processing Activities (ROPA)Time MachineCreate and evaluate assessments Company Widget FeatureAsset RegisterVendorsImpact Assessments (IA)Creating organizational unitsExporting your ROPAMeetings & ActivitiesTerms for legitimate processingRetentions & Deletions PeriodsHow to create a new user and how to change the password for loginReport ExplorerMaturity modelAdding risk scenarios to assets or asset groupsRelevant Risk SzenariosPriverion GRC Platform overviewDocument list for onboardingHow can a user change the language?Setting up the first organization or companyCreating attributes that fit your industry
User account
Sharing & Group functions
Features
How-To Guides & Tips
Get Help
Legal
Settings
General Settings
Compliance settings
Identity and access management
IT Settings
IT SettingsGeneral IT settingsBrowse usersCreate a new userEdit a userBrowse rolesCreate a custom roleEdit a custom roleLanguage settingsAI settingsAI credentialsEmail logsAuto-translation settingsAnti-malware settingsExternal integrationsRoles, responsibilities and notificationsMicrosoft Entra ID SetupManaging audiencesHow to create a new user and how to change the password for loginSAML2 with SCIM2 Integration GUIDE
Risk Settings

Anti-malware settings

Configure file scanning for documents uploaded to the platform.

Anti-Malware Settings

Every time someone uploads a file anywhere in DPMS — whether it's a policy document, a ROPA attachment, a vendor contract, or a task file — the platform's built-in virus scanner inspects it automatically. The Anti-Malware Settings screen is where you decide how that scanner behaves: which file types it is allowed to process, what happens when a threat is detected, and whether users can see a scan status indicator on their files. Without deliberate configuration here, the scanner falls back to built-in defaults that may not match your organisation's security policy.

This screen is typically used by IT administrators and Data Protection Officers. It sits inside the broader IT Settings module alongside other platform-level controls such as Active Directory synchronisation and AI configuration.

How to open it

Navigate to IT Settings in the main application sidebar. In the left-hand settings menu, click Virus Scanner. You need the IT Settings read permission to view this page. If you have read access but not edit access, you will see the current configuration but the Edit button will be greyed out.

What you see

When you arrive, the right-hand content area shows a summary card titled Virus Scanner. It lists four rows of information: File Extensions, Deleted Files, Quarantined Files, and Show Anti-Malware Icon. Each row shows a label on the left and the current value on the right — file extensions appear as a comma-separated list (for example, PDF, DOCX, JPG), while the other three values display simply as Yes or No.

In the top-right corner of that card sits the Edit button. Click it and the entire right-hand area is replaced with an edit form that shows three toggle switches stacked vertically, followed by a multi-select file extensions field. A Save button sits at the bottom-right of the form, and a back arrow at the top-left lets you cancel without saving.

Working with this screen

Setting up the scanner for the first time

If your organisation has just deployed DPMS and no one has saved these settings before, the scanner uses built-in defaults: infected files are deleted automatically, the quarantine mode is off, and the scan status icon is hidden. If those defaults do not match your policy, you should configure this screen before users start uploading files.

  • From the Virus Scanner summary card, click Edit.
  • Review the Deleted Files toggle — it will be switched on by default. If your policy requires preserving infected files for forensic review rather than destroying them, click the Quarantined Files toggle instead. As soon as you do, the Deleted Files toggle turns off automatically. The two switches are mutually exclusive: only one response mode can be active at a time.
  • Check the Show Anti-Malware Icon toggle. It is off by default. If you want users to see a small scan status indicator on their files — showing whether a scan is pending, in progress, completed, or failed — switch this on.
  • Review the File Extensions field. It comes pre-loaded with a standard set of common formats: PDF, TXT, DOC, DOCX, ODT, PPTX, PPT, XLS, XLSX, JSON, JPG, JPEG, PNG, ZIP, and SVG. Add or remove types as needed (see the next two scenarios for how to do that).
  • Click Save. A success notification appears and you are returned to the Virus Scanner summary card, which now reflects your new configuration.

Restricting the allowed file types for security hardening

After a security review, your organisation may decide that certain file types pose an unacceptable risk. Archive files such as ZIP are a common example — they can conceal malware inside a compressed payload.

  • On the Virus Scanner summary card, click Edit.
  • In the File Extensions field, locate the chip for the extension you want to remove (for example, ZIP). Click the × on that chip to deselect it.
  • Verify the remaining list looks correct. Remember: when you save, the entire list you see in the field is what gets stored. If you accidentally remove all extensions, the scanner will have no approved file types.
  • Click Save. From this point on, files with the removed extension will no longer be accepted and scanned through the anti-malware pipeline.

Adding a non-standard file type your organisation needs

If a business unit requests support for a file format that is not in the default list — for example, .ods (OpenDocument Spreadsheet) or .csv — you can add it yourself without any developer involvement.

  • On the Virus Scanner summary card, click Edit.
  • Click into the File Extensions field and type the extension you want to add (for example, ods). Type it in lowercase.
  • Because this extension is not in the predefined list, a prompt to create it will appear. Confirm it. The new extension appears as a chip in the field.
  • Click Save. The extension is now stored in the database and files with that suffix will be accepted and scanned on future uploads.

Switching the malware response from delete to quarantine (or back)

Your organisation's incident response policy may change over time — for example, moving from automatic deletion to quarantine so that forensic analysts can examine infected files.

  • On the Virus Scanner summary card, click Edit.
  • If Deleted Files is currently on and you want to switch to quarantine, click the Quarantined Files toggle. The Deleted Files toggle turns off instantly and automatically — there is no warning or confirmation step.
  • If you want to revert to deletion, click Deleted Files. The Quarantined Files toggle turns off.
  • Click Save to apply the change. Every upload from this moment forward will follow the new policy.

Field reference

  • Deleted Files — When switched on, any file identified as containing malware is permanently deleted from the system immediately. No copy is retained anywhere. This is the default behaviour when no configuration has been saved. Turning on Quarantined Files automatically turns this off.
  • Quarantined Files — When switched on, infected files are moved to an isolated area instead of being deleted. They are no longer accessible to regular users but are preserved for administrative review, forensic investigation, or regulatory record-keeping. Turning on Deleted Files automatically turns this off. Default: off.
  • Show Anti-Malware Icon — When switched on, a small status icon appears on file and document records throughout the platform, showing the scan lifecycle: pending, in progress, completed, or failed. When off, no icon is shown anywhere. Default: off (as of June 2025).
  • File Extensions — The complete list of file type suffixes the scanner is configured to accept. Select from the predefined list or type a new extension and confirm it to create a custom entry. Extensions are stored in lowercase but displayed in uppercase. Custom entries must be between 1 and 255 characters. Duplicates are silently ignored. There is no enforced maximum number of extensions. If you save with an empty list, no file types will be approved for scanning.

How this connects to the rest of DPMS

The settings you configure here affect every module in DPMS where users can upload files. This includes — but is not limited to — ROPA attachments, DPIA annexes, vendor contracts, policy documents, task attachments, and incident records. The file extension list, the malware response mode, and the icon visibility setting all take effect immediately on the next file upload after you save.

The scan status icon controlled by the Show Anti-Malware Icon toggle appears on file and document records across the platform when enabled. If you turn this on or off, the change is reflected in the application interface immediately after saving — no page reload or cache clearing is required.

After saving your configuration here, you may want to communicate the changes to your team, particularly if you have removed previously accepted file types (users will no longer be able to upload those formats) or changed the malware response from delete to quarantine (which has implications for your incident response workflow).

Tips & common pitfalls

Heads up: The two response mode switches — Deleted Files and Quarantined Files — are mutually exclusive, but there is no on-screen warning when you flip one. Switching on Quarantined Files silently turns off Deleted Files, and vice versa. If you find that only one switch stays active when you try to enable both, this is by design.
Heads up: A freshly deployed DPMS instance defaults to deletion — not quarantine. If your security policy requires evidence preservation, you must actively enable quarantine mode before any uploads are processed.
  • The Show Anti-Malware Icon switch defaults to off. If users tell you that the scan status icon has disappeared from their files, check this setting first. It may have been inadvertently reset or never enabled.
  • Saving replaces the entire file extensions list. The PUT request sends whatever is currently selected in the field. If you accidentally clear all the chips and click Save, the permitted-types list will be empty in the database. Always verify the full list before saving.
  • Type custom extensions in lowercase. Extensions are stored lowercase and the field displays them in uppercase — but when typing a new one, use lowercase (e.g. ods, not ODS). An extension that is a duplicate of one already in the list will be silently ignored, with no error message shown.
  • The back arrow discards unsaved changes without warning. There is no "unsaved changes" confirmation dialog. If you navigate away from the edit form using the button or the sidebar, all edits are lost.
  • Validation failures on custom extensions are silent. If you type an extension and it does not appear in the field, it may have been rejected because it was empty, too long (over 255 characters), or already in the list. There is no error message — the loading spinner simply resets.


Was this article helpful?

English
Powered by Product Fruits