SAP Knowledge Base Article - Public

2519748 - How SF deals with security/virus scanning when it comes to resume or any other attachments

Symptom

SuccessFactors BizX  - Recruiting Management(RCM)

Resolution

We don’t have any specific document on virus scan services or related in RCM since it’s implemented as a platform service.

 

However, The virus and malware check is integrated into attachment file upload process. The check can leverage multiple virus scan engines to catch the latest virus and will aggressively detect and block active contents such as office macro, PDF javascript, actions etc. to block unknown malwares. Here are notes on a couple enhancements made by security team that have provisioning switches.

1. Multi-Scanning


Multi-Scanning is an opt-in security feature to scan files using multiple scan engines: TrendMicro and ClamAV. Different engines have different strengths and detect different threats. By using multiple scan engines, we improve the virus scan capability to catch more malicious files.

 

Please follow steps below to enable the Multi-Scanning feature:


a.Go to Company Settings in Provisioning site
b.Find Enable Multi-Scanning switch, enable and save the setting

 See below screenshot:

Multi Scanning.png

 

2. Active Content Detection and Blocking

 

Active Content Blocking is an opt-in security feature to inspect and block file with active content embedded during file upload process. Once enabled, files with Active Content cannot be uploaded to our application. This feature provides an extra level of insurance against 0-day attacks from the malicious file upload.

 

Following active contents will be blocked:


a.Macro and OLE contents in major office file types: doc, docx, docm, xls, xlsx, xlsm, ppt, pptx, pptm.
b. Javascript, embedded files, and launch action in PDF.

 

Please follow steps below to enable the Active Content Blocking feature: 
1.Go to Company Settings in Provisioning site


2.Find Active Content Detection switch, enable and save the setting.

 

See below screenshot:

Active Content.png

Keywords

Resume security Virus scanning security/virus scanning , KBA , LOD-SF-RCM-SYS , System Performance, Usability, Errors, Security , How To

Product

SAP SuccessFactors HCM Core 1705 ; SAP SuccessFactors Recruiting 1611