Neither Content Manager (CM8) or Content Manager OnDemand (CMOD) include provisions to virus scan stored content.
Content stored in CMOD typically only originates from financial systems within the organization - bills, statements, correspondence etc. There should be zero chance of this internally generated content being infected. If there is, the customer has far bigger issues to deal with in their up-stream systems.
For content that originates from outside of the organization, the expectation is that the organization will implement various layers of defense - firewalls, portals, authentication, virus scans, etc. to detect and manage potential threats prior to ingesting any externally received content into their CM8 or CMOD repository.
------------------------------
Neil Parrott
------------------------------
Original Message:
Sent: Tue December 12, 2023 02:00 PM
From: Eric Giguere
Subject: Methods or best practices to pre-process files before storage
Hi all
I have customers that are using CMOD and Content Manager as their main ECM tool.
One of them is asking me for guidance on how to
- Scan existing content in both to find if any files stored in there represent a security threat, like containing viruses or XSS code
- How to implement a solution to prevent potentially infected files.
In the last days I've read documentation, it became obvious to me that neither has a built-in functionality for this. But I'm pretty sure other customers that are using those products certainly have asked for the same or even implemented solutions.
I would personally suggest to use the APIs for the existing content, retreiving it and having it checked by the tool of their choice.
Is there a better way?
And for the future, what would be the best way to introduce a pre-processing taks in Content Manager? And in CMOD if that is possible.
------------------------------
Eric Giguere
------------------------------