In IT security, a sheep-dip is the process of using a dedicated device to test inbound files on removable media for viruses before they are allowed to be used with other computers.
[2] A sheep-dip system can be considered a special case of a sandbox, used to test for malware.
This sheep-dip protocol is a normal first line of defense against viruses in high-security computing environments, as it preemptively prevent the spread of viruses brought by new devices.
[4] The process was originally developed in response to the problem of boot sector viruses on floppy disks.
Subsequently, its scope has been expanded to include USB flash drives, portable hard discs, memory cards, CD-ROMs and other removable devices, all of which can potentially carry malware.