locked
How dangerous are viruses in the SharePoint Content databases? RRS feed

  • Question

  • I am trying to discuss the risks of not having antivirus running on SharePoint. I know that because files are uploaded into content databases through a browser based protocol that they bypass scanning by any antivirus running on the host server.

    What I am not sure of is, what are the potential dangers of a virus laden file residing within one of these content databases?

    Can the viruses harm the SQL server?

    Can they harm the Web Front end?

    Can infected documents or files retrieved and opened on a client machine cause a problem without their native AV getting a chance to scan them?

    If anyone has any insight or experience with viruses in a SharePoint content database, I would greatly appreciate hearing about them.

    Wednesday, March 2, 2011 4:11 PM

Answers

  • This is a bit of a no brainer, but I'll answer as best I can.  First of all, this Symantec blog might be a good read for you: -

    http://www.symantec.com/connect/articles/techtip-protecting-your-sharepoint-environment-defense-depth

    Now, when looking at how all this information is stored within SQL, one of the most important tables is the AllDocs table, and in this table there are a few virus relevant columns, thus suggesting that virus protection is indeed something to think about.

    1 - Can viruses harm the SQL Server?  I'm not a virus expert so I don't know, but think about it; there only needs to be one single issue for things to start fouling up.
    2 - Depends on the virus, but if it gets into the file system, all sorts of things could happen.  Sites may no longer be served, response times might start to foul up, that sort of thing.
    3 - Yes they can.  Key thing here is that if you've got people accessing from non-work PCs or access points, you'll be allowing them access to corrupted/infected files.  Where would the liability or responsibility for repairing the MD's kit come from due to getting something questionable from corporate kit.

    These are my views only, I'm sure others will chime in with thier views.

    http://www.final-exodus.net
    • Marked as answer by Emir Liu Friday, March 11, 2011 3:29 AM
    Wednesday, March 2, 2011 4:39 PM
    Answerer

All replies

  • You have the option to install AV on SharePoint. But in any case is a good practice to run an antivirus on all corporate workstation/servers. It will prevent uploading infected documents on SharePoint. From my practice I can say never save money on antivirus software. The mistake can cost company a lot of money. Much more then license for corporate AV.
    Oleg
    Wednesday, March 2, 2011 4:31 PM
  • This is a bit of a no brainer, but I'll answer as best I can.  First of all, this Symantec blog might be a good read for you: -

    http://www.symantec.com/connect/articles/techtip-protecting-your-sharepoint-environment-defense-depth

    Now, when looking at how all this information is stored within SQL, one of the most important tables is the AllDocs table, and in this table there are a few virus relevant columns, thus suggesting that virus protection is indeed something to think about.

    1 - Can viruses harm the SQL Server?  I'm not a virus expert so I don't know, but think about it; there only needs to be one single issue for things to start fouling up.
    2 - Depends on the virus, but if it gets into the file system, all sorts of things could happen.  Sites may no longer be served, response times might start to foul up, that sort of thing.
    3 - Yes they can.  Key thing here is that if you've got people accessing from non-work PCs or access points, you'll be allowing them access to corrupted/infected files.  Where would the liability or responsibility for repairing the MD's kit come from due to getting something questionable from corporate kit.

    These are my views only, I'm sure others will chime in with thier views.

    http://www.final-exodus.net
    • Marked as answer by Emir Liu Friday, March 11, 2011 3:29 AM
    Wednesday, March 2, 2011 4:39 PM
    Answerer
  • Your #3 point was a darn good one for the legal department.

            Where would the liability or responsibility for repairing the MD's kit come from due to getting something questionable from corporate kit.

    In a litigious society, what kind of exposure are you opening yourself up to?

    Wednesday, March 2, 2011 5:40 PM
  • No idea, but the key point would come down to negligence, in that the IT department has knowingly left a loophole in the system, which could have all sorts of ramifications.  Virus software is an assurance, not insurance.  It prevents unknown and unwanted instances from entering your environment, from which you could experience much worse, as Oleg has already said.
    http://www.final-exodus.net
    Wednesday, March 2, 2011 7:06 PM
    Answerer