Microsoft Office SharePoint Server has revolutionised collaborative workspace services. Providing browser-based document collaboration and management it can be used to host multiple websites that access shared workspaces and documents, as well as specialised applications such as company wikis and blogs from any web browser.
Whilst the benefits to organisations using SharePoint are numerous, with it come increased security risks that should be considered and addressed. Using SharePoint can introduce new threats to the network such as:
- Saving infected files to the document library - A document author or reviewer could intentionally or inadvertently upload/edit a document from his/her desktop that contains an embedded virus, SQL-based virus, infectious macro, hot button, Trojan, etc.
- Downloading/saving HTML web pages to the document library - Team members collaborating on a project can save research-related HTML web pages or documents directly to the SharePoint document library. These documents could contain embedded viruses, infectious macros, hot buttons and/or Trojans that would infect the SharePoint document library.
- Infection through mapping a network drive - Windows XP users can map a network drive to \server\sites\teamsite. When a user is infected by a virus that attempts to propagate to network shares, the virus can propagate to SharePoint sites, as these sites are not detected by file server Antivirus tools. Once the virus is within the SharePoint document library, only a SharePoint-specific Antivirus solution can detect and clean it.
Traditional server/desktop Antivirus are not enough to protect your SharePoint environment as they do not have the ability to scan the SharePoint libraries:
File Server Antivirus
Administrators often rely on desktop and file server products to scan documents when they are uploaded/downloaded to the SharePoint library. It is also an industry-wide practice to back-up the document library in a similar manner as the file server. However, backup and restoration of documents from the SharePoint document library can fail when a file server product detects and cleans viruses. This happens when documents are cleaned locally on the file server by the file server Antivirus, while the backed up copy remains infected. During data restore, infected documents could be reinstated, or those that were successfully deleted could leave broken links that could cause restore failures. Deploying a SharePoint-specific Antivirus solution enables backup and restoration to run smoothly.
Desktop Antivirus
When an end user opens a document from a mapped folder on the desktop, the document is copied to the cache on the server and client. The desktop Antivirus technology may detect an infection within the cached copy but cannot clean the stored copy in the SharePoint document library. Similarly, readers who have the latest desktop signatures can detect viruses when downloading documents from SharePoint. However, due to non-contributor rights to SharePoint document library, they cannot clean the copy within SharePoint. These scenarios can be avoided by deploying SharePoint-specific antivirus technology.
Recommended Solution
To secure SharePoint Secon recommend Trend Micro PortalProtect. It is the first security solution integrated with Microsoft SharePoint Portal and built on proven enterprise security technology to deliver optimal reliability and interoperability.
PortalProtect provides a centrally managed solution to effectively secure SharePoint Portal systems and their users. To provide SharePoint Portal administrators with peace of mind in using this platform, PortalProtect is designed to provide virus and content scanning for the Portal, it eases management by providing automatic update deployment, alerting, and reporting via a centralised, Web-based console. Additionally, the server-based design scales to support all sizes of SharePoint Portal Servers.