OneDrive Policy Now Offers ‘Suspected Malware’ Workflow

The Office365 Onedrive ‘Threat Protection’ policy now includes a new workflow: ‘Suspected Malware ‘.

The new workflow allows deciding how to behave when a file is scanned and the malware engine generates a  detection with lower confidence (suspected malware). The options are:

• Quarantine. User is alerted and allowed to restore
• Quarantine. User is alerted, allowed to request a restore (admin must approve)
• Quarantine. User is not alerted (admin can restore)
• Do nothing