File attachment virus security Dynamics 365
Finance & Operations
This is a normal scenario in every implementation that Business users are allowed to attach any documents
with any records using the existing attachment feature.
What about
if a Business user uploads intentionally or unintentionally the virus-affected
file or virus in the shape of any document.
It could make
a heavy impact, If the other use opens the affected attached file or virus,
and if your network of the machine is not properly secure with antivirus.
How you can
protect to reduce the chances to get impacted by attachment?
Options
- 1.
Limited
file types should be allowed.
- 2.
Scan
the document while uploading.
Limited document types should be allowed to upload or attach.
Go to
Organization
administration > Document management > Document management Parameter >
File type
Please do
not allow the "EXE" extension type files to upload or attach.
Scanning uploaded files for viruses and malicious code
The second
option is scanning the file as a pre-requisite of file uploading.
There is
already a delegate available in Dynamics 365 Finance & Operations from 10.0.12, which users can subscribe to and can implement
their own file scanning security.
You can subscribe to any online antivirus services and can implement your logic in the below code.
public final
class ScanDocuments
{
[SubscribesTo(classStr(FileUploadResultBase),
staticDelegateStr(FileUploadResultBase, delegateScanStream))]
public static void FileUploadResultBase_delegateScanStream(System.IO.Stream
_stream, EventHandlerRejectResult _validationResult)
{
if
(!ScanDocuments::scanStream(_stream))
{
_validationResult.reject();
}
}
private static boolean
scanStream(System.IO.Stream _stream)
{
/*
Custom implementation is required for
connecting to a scanning service
If the document scanning process found
an issue, return false; otherwise, return true;
*/
return true;
}
}
