You are here:

Malware scanning in Business Central 21

One of the new functions Microsoft has implemented in Business Central as part of Dynamics 365 upgrade wave 2 in 2022 is malware scanning of files that are uploaded to the Business Central online environment.

Potential security risk

IT security is a high priority for all Microsoft applications, and although IT security is often an area that can seem both complicated and technical, it is also an area that should be a high priority in your implementation practice, also when it applies to Dynamics 365 Business Central.

One of the potential security holes in Business Central until now was the attachment feature. Without special tools, there is a risk that a Business Central user could accidentally attach a malicious file to a document from their local computer, send the document to another user, who opens the document and causes great damage to his machine (and perhaps even on the local network) if some form of protection, such as an antivirus program, is not activated and intercepts the malicious file.

Business Central: EnableMalwareScanning

To address the risk of this security hole in Business Central, with release wave 2 in 2022, Microsoft has implemented a new hidden feature that, despite not being talked about as much, is still an important security feature to be aware of.

Business Central 2022 malware scanning
With Business Central 21 malware, all files uploaded to Business Central are scanned. If you run an on-premise installation, you must activate the function yourself

Business Central online

Any file uploaded to the Business Central online environment, either via web client or via OData, is now first scanned with Windows Defender and a file is only accepted if it is considered safe.

Business Central on-premise

In the on-premise version of Business Central, you also have the opportunity to activate this function. Starting with Business Central 21 (2022 release wave 2), you have a new setting on your server server called EnableMalwareScanning. By default, this option is set to not enabled

As this option requires Windows Defender to be installed and enabled on the server, it is not enabled by default, but if your Windows Defender is active, simply enable the option and your files will be scanned before uploading to Business Central. If you want to improve the security of your on-premise ERP installation, we suggest that you activate this option.

What is malware?

Malware is a combination of the two English words 'malicious' and 'software', which means malicious software.

What is malware
It is important to do what you can to avoid malware
Malware is used as a collective term for software that damages the company's programs and data, as well as the devices they run on. Malware can do a lot of damage in a short time, and for example delete your data or steal information.
Your Challenge. Our Passion
Dynamics 365 Business Central partner