Forum Discussion
Solved
storing executables/binaries in sharepoint document libraries
As far as I know it's a bad idea. I've looked around but can't find specific technical reasons why it's bad to do so, can anyone advise?
- Hi,
SharePoint Online does not have restrictions on the types of file, as specified in this article. This could be taken as an indicator that it is ok to do so.
https://support.office.com/en-gb/article/types-of-files-that-cannot-be-added-to-a-list-or-library-30be234d-e551-4c2a-8de8-f8546ffbf5b3
However, you will also see a lot of articles around that wouldn’t advise it such as this one. They are mainly from periods where there did used to be restrictions on file types. This was mainly because files like exe’s were seen as a security risk especially if they contained malicious code
https://www.google.co.uk/amp/iedaddy.com/2011/10/sharepoint-2010blocked-file-types/amp/
There are some articles out there which advise on mitigating the risk, such as zipping them before uploading, and others to restrict the permissions of who and where to upload them.
I think it is best to use common sense here. SharePoint online contains anti malware and Microsoft wouldn’t have removed the limit if they thought there was a serious risk to their platform or some major barrier from a technical perspective. They have millions of tenants on the public cloud and files like exe’s and bat’s can be uploaded to any one of them. They also have some of the best security systems out there to protect their own platform. Saying this, it’s always worth being vigilant as security is a shared responsibility so if you did decide there wasn’t any risk you should still do things like zipping and restricting the uploads to a specific place by specific personnel, ensure an RFC process to clear the file for upload etc
If you thought there was a risk keeping them in the same app as your other corporate documents you could always look at alternative locations such as a file share in Azure where you could put them into Blob storage and only accessed by people who need them. This is a cheap alternative
There will be people both for and against this so as much as best practice, it’s probably more down to personal judgement and your perception of risk in doing so.
Hope that helps answers your question!
Best, Chris
Hi,
SharePoint Online does not have restrictions on the types of file, as specified in this article. This could be taken as an indicator that it is ok to do so.
https://support.office.com/en-gb/article/types-of-files-that-cannot-be-added-to-a-list-or-library-30be234d-e551-4c2a-8de8-f8546ffbf5b3
However, you will also see a lot of articles around that wouldn’t advise it such as this one. They are mainly from periods where there did used to be restrictions on file types. This was mainly because files like exe’s were seen as a security risk especially if they contained malicious code
https://www.google.co.uk/amp/iedaddy.com/2011/10/sharepoint-2010blocked-file-types/amp/
There are some articles out there which advise on mitigating the risk, such as zipping them before uploading, and others to restrict the permissions of who and where to upload them.
I think it is best to use common sense here. SharePoint online contains anti malware and Microsoft wouldn’t have removed the limit if they thought there was a serious risk to their platform or some major barrier from a technical perspective. They have millions of tenants on the public cloud and files like exe’s and bat’s can be uploaded to any one of them. They also have some of the best security systems out there to protect their own platform. Saying this, it’s always worth being vigilant as security is a shared responsibility so if you did decide there wasn’t any risk you should still do things like zipping and restricting the uploads to a specific place by specific personnel, ensure an RFC process to clear the file for upload etc
If you thought there was a risk keeping them in the same app as your other corporate documents you could always look at alternative locations such as a file share in Azure where you could put them into Blob storage and only accessed by people who need them. This is a cheap alternative
There will be people both for and against this so as much as best practice, it’s probably more down to personal judgement and your perception of risk in doing so.
Hope that helps answers your question!
Best, Chris
SharePoint Online does not have restrictions on the types of file, as specified in this article. This could be taken as an indicator that it is ok to do so.
https://support.office.com/en-gb/article/types-of-files-that-cannot-be-added-to-a-list-or-library-30be234d-e551-4c2a-8de8-f8546ffbf5b3
However, you will also see a lot of articles around that wouldn’t advise it such as this one. They are mainly from periods where there did used to be restrictions on file types. This was mainly because files like exe’s were seen as a security risk especially if they contained malicious code
https://www.google.co.uk/amp/iedaddy.com/2011/10/sharepoint-2010blocked-file-types/amp/
There are some articles out there which advise on mitigating the risk, such as zipping them before uploading, and others to restrict the permissions of who and where to upload them.
I think it is best to use common sense here. SharePoint online contains anti malware and Microsoft wouldn’t have removed the limit if they thought there was a serious risk to their platform or some major barrier from a technical perspective. They have millions of tenants on the public cloud and files like exe’s and bat’s can be uploaded to any one of them. They also have some of the best security systems out there to protect their own platform. Saying this, it’s always worth being vigilant as security is a shared responsibility so if you did decide there wasn’t any risk you should still do things like zipping and restricting the uploads to a specific place by specific personnel, ensure an RFC process to clear the file for upload etc
If you thought there was a risk keeping them in the same app as your other corporate documents you could always look at alternative locations such as a file share in Azure where you could put them into Blob storage and only accessed by people who need them. This is a cheap alternative
There will be people both for and against this so as much as best practice, it’s probably more down to personal judgement and your perception of risk in doing so.
Hope that helps answers your question!
Best, Chris
I’m for. It doesn’t really matter what goes in. Cloud storage is cloud storage. They don’t change and really isn’t anything I could say as to why I wouldn’t.