Reveal’s Security Policy for Files Uploaded to the Reveal Platform
It is Reveal’s policy to scan all user-uploaded context using the Trend Micro antimalware suite.
Reveal’s eDiscovery platform is designed to never open documents using a native viewer, run any code within a document, or download any content from the Internet when processing or handling documents.
For instance, when imaging a document, we have libraries such as Oracle’s Outside-in that will render an image of the document inside of a protected and limited environment that does not make use of Microsoft Office or any other native viewer. We scan documents as a protection for our clients who may subsequently download documents that they have uploaded.
It is incumbent for each client’s endpoint management to run endpoint protection software both when uploading and downloading data from our platform as definitions are constantly changing and false negatives can and do happen. Reveal’s shared security model relies upon user controls such as endpoint control to help protect the user from documents uploaded by the client.