File attachment virus security
Sheikh Sohail
6,125
File attachment virus security Dynamics 365 Finance & Operations
This is a normal scenario in every implementation that Business users are allowed to attach any documents with any records using the existing attachment feature.
What about if a Business user uploads intentionally or unintentionally the virus-affected file or virus in the shape of any document.
It could make a heavy impact, If the other use opens the affected attached file or virus, and if your network of the machine is not properly secure with antivirus.
How you can protect to reduce the chances to get impacted by attachment?
Options
- 1. Limited file types should be allowed.
- 2. Scan the document while uploading.
Limited document types should be allowed to upload or attach.
Go to
Organization administration > Document management > Document management Parameter > File type
Please do not allow the "EXE" extension type files to upload or attach.
Scanning uploaded files for viruses and malicious code
The second option is scanning the file as a pre-requisite of file uploading.
There is already a delegate available in Dynamics 365 Finance & Operations from 10.0.12, which users can subscribe to and can implement their own file scanning security.
You can subscribe to any online antivirus services and can implement your logic in the below code.
public final class ScanDocuments
{
[SubscribesTo(classStr(FileUploadResultBase), staticDelegateStr(FileUploadResultBase, delegateScanStream))]
public static void FileUploadResultBase_delegateScanStream(System.IO.Stream _stream, EventHandlerRejectResult _validationResult)
{
if (!ScanDocuments::scanStream(_stream))
{
_validationResult.reject();
}
}
private static boolean scanStream(System.IO.Stream _stream)
{
/*
Custom implementation is required for connecting to a scanning service
If the document scanning process found an issue, return false; otherwise, return true;
*/
return true;
}
}
*This post is locked for comments