I'm curious what, if any, security mechanisms are implemented for feature layer attachments in ArcGIS Online, and if they're documented.
Does AGOL perform security scans on attachments?
Are only certain extensions allowed (though it is easy to change extensions of files)? If so which and where is that documented?
If we are using distributed collaboration to replicate data (with attachments) from AGOL to Enterprise, how can we, or can we, be reasonably confident that attachments are not malicious, since significant effort and development would need to take place to intercept distributed collaboration data and perform security scans.