If you have Metalogix Sensitive Content Manager (SCM) installed, you can scan content for sensitive content, then specify an action to take based on the type/severity of the information found.
Compliance Functionality Process Overview
The process for using Metalogix Sensitive Content Manager to implement ControlPoint Compliance functionality is described below.
A.ControlPoint Compliance Administrators define Compliance Action Rules.
B.ControlPoint Compliance Administrators submit content to Metalogix Sensitive Content Manager for analysis.
C.ControlPoint Compliance Administrators manage Compliance Actions.
Before you can use ControlPoint to analyze content for compliance:
·Metalogix Sensitive Content Manager version 2.0 or later must be installed on a server in your environment. Refer to the Metalogix Sensitive Content Manager Server Installation Guide, which is available on the Quest Support Technical Documentation page.
·The latest version of ControlPoint Sensitive Content Manager Service must be installed. (As of version 8.4, the Sensitive Content Manger Schedule Job option is no longer available as an alternative.)
IMPORTANT: If you have upgraded from an earlier version of Metalogix Sensitive Content Manager, Any Custom Profiles, pending content submissions that use older Profiles may need to be re-created. Contact Quest Support for assistance.
Details can be found in the Metalogix ControlPoint Administration Guide.
Only individuals who have been added to the ControlPoint Compliance Administrators group in the ControlPoint Configuration Site will be permitted to perform Compliance actions.
A Sensitive Content Manager Profile is a named collection of content search and analysis guidelines. SCM includes a number of Standard (BuiltIn) Profiles for detecting Sensitive Content, which include:
·Personally Identifiable Information (PII)
·Protected Health Information (PHI)
·Payment Card Information (PCI)
·General Data Protection Regulation (GDPR) compliance.
NOTE: Quest continually adds new Standard (BuiltIn) Profiles, which cannot be modified or deleted.
Members of the ControlPoint Compliance Administrators group can also create and manage custom Profiles by defining content search and analysis guidelines to use, as an organization's file analysis criteria may differ from those used in BuilIn Profiles. For example, you may want to create a custom Profile to group and weight a different subset of the predefined Search Terms, add custom Search Terms for sensitive data types, or analyze data that falls outside BuiltIn Profile definitions.
IMPORTANT: If you have upgraded from Sensitive Content Manager 1.9, you may have to re-create (or try to restore) any existing custom Profiles, as the range of possible severity levels. Contact Quest Support for assistance.
Sensitive Content Manager Profile Components
Sensitive Content Manager Profiles consist of the components described in the following table.
Profile Component |
Description |
---|---|
Search Term |
A word or any simple or complex alphanumeric pattern that represents sensitive information in a document. For example, in the PII Profile, these Search Terms are the personal identifiable information like a person's name, date of birth, financial account numbers, address, email address, etc. Each content search uses a set of Search Terms in a Profile. |
Regular Expression (Regex) |
The search syntax for a Search Term. The analysis engine matches the file contents with a Search Term based on the regex syntax specified in the Profile. You can define new Profiles that use the Standard Search Terms, or create Search Terms based on custom expressions. NOTE: Regular expressions for the predefined search terms are internally defined in the Search Term, and cannot be modified because they are not standalone regular expressions. |
Weight |
The degree of severity of a possible content match for a specific Profile. |
File Score |
That weight factor combined with the number of content matches encountered during an analysis job. File scores are calculated during a file analysis to determine the overall severity level of a document |
© ALL RIGHTS RESERVED. Terms of Use Privacy Cookie Preference Center