We have been informed by CCH Support that when documents are uploaded onto the Portal, they are NOT scanned for malware.

Given that this poses a high risk of inadvertently downloading malware, there should be a large warning message advising the user that the Portal has NOT scanned the document(s) for malware, and that users are strongly advised to choose "Save As" when downloading the document, and to scan the document using their own up-to-date malware software BEFORE opening the document. By choosing "Open" any risk of malware is automatically downloaded and installed.

Ideally, the Portal should always default to "Save As" or offer the user the choice of defaulting to "Save As" in the interests of security.