Chat now with support
Chat with Support

Metalogix ControlPoint 8.1 - for Office 365 User Guide

Getting Started with ControlPoint Searching for SharePoint Sites Managing SharePoint Objects Managing Metadata Managing SharePoint User Permissions Data Analysis and Reporting Scheduling a ControlPoint Operation Saving, Modifying and Executing Instructions for a ControlPoint Operation Provisioning SharePoint Site Collections and Sites Using Sensitive Content Manager to Analyze SharePoint Content for Compliance Using ControlPoint Sentinel to Detect Anomalous Activity About Us

Creating Sensitive Content Manager Profiles

To create a Sensitive Content Manager Profile:

1.From the Manage panel, choose Compliance > Profile Maintenance.

SCM Profile Maintenance

2Click [Create].

3Enter a unique title for the Profile, as well as a description that will be visible to end users.

4If you want to make the Profile private, uncheck the Make Profile Public box.

IMPORTANT NOTE:  Communication with ControlPoint is performed in the context of the Service Account, and all Profiles belong to that account.  Therefore, Private Profiles are currently available to all members of the ControlPoint Compliance Administrators group. .

Create Complinace Profile Title and Description

5.If different than the defaults, adjust the relative weights (that is, the degree of severity of a possible content match) for each  threat level (Mild, Moderate, and Severe).

SCM Weight Values

NOTE:  While default weight values are recommended guidelines, you can increase or decrease the relative weights between severity levels, and there is no upper limit to the range that can be entered.

6.From the Search Term List, select the Search Term(s) that you want to add to the Profile, then click [Add] to move the term(s) to the Profile Search Terms list.

SCM Search Term Selection

NOTE:  If you want to include a Search Term that does not display in the list, you can create a custom Search Term.

7Click [Create].

To edit a custom Profle:

1In the Compliance Search Terms Manager page, select the Public or Private Profile you want to edit, then click [Edit].

2Update fields as needed, then click [Update].

Note that Standard Profiles are provided by Quest and cannot be edited or deleted.  

Managing Compliance Search Terms

Sensitive Content Manager includes a number of out-of-the-box "standard" Search Terms for use in creating Profiles.  These include terms related to:

·Personal Identification Information (PII)

·Payment Card Information (PCI)

·Protected Health Information (PHI)

·General Data Protection Regulation (GDPR) compliance.

NOTE: Note that Quest continually adds Standard Search Terms, which cannot be edited or deleted.

Members of the Compliance Administrators can also create and maintain custom Search Terms to meet the organization's unique compliance needs.

To access the Compliance Search Terms Manager page:

From the Manage panel, choose Compliance > Search Terms Maintenance.

NOTE:  You can also access this page from the Compliance Profile Manager page by clicking [Create Custom Search Term].

Compliance Search Terms

To create custom Search Terms:

1Click [Create].

2Enter a Search Term Title and Search Term Description as well as an Expression Name for the regex.

SCM Search Term Info

4.Enter a valid regex expression.  

NOTE:  Do not enter any leading or ending slashes (/)

SCM Regex Expression

5.To test the validity of the expression:

a)enter representative text in the Sample Text Goes Here: field.

SCM Search Term Sample Text

b)Click the [Test Expression] at the bottom of the dialog.

A pop-up will display informing you that either:

§a match can be found for the text using the given regex

SCM  Regex Validate

OR

§a match cannot be found for the text using the give regex.

SCM Validate Fail

2If you want to make the Search Term Private, uncheck the Make Search Term Public box.

IMPORTANT NOTE:  Communication with ControlPoint is performed in the context of the Service Account, and all Search Terms belong to that account.  Therefore, Private Search Terms are currently available to all members of the ControlPoint Compliance Administrators group.

To edit a custom Search Term:

1In the Compliance Search Terms Manager page, select the term that you want to edit, then click [Edit].

SCM Search Term EDIT

2Update fields as needed, then click [Update].

NOTE: Any Search Term for which the regex is not visible is a Standard Search Term provided by Quest that cannot be edited.  (Some fields on the dialog  may appear enabled, but any changes you attempt to make will not be saved.)

SCM Seach Term Uneditible Enabled

Defining Compliance Action Rules

Members of the ControlPoint Compliance Administrators group can define Compliance Action rules to determine how non-compliant content should be handled, based on the severity level detected.  You can also specify that one or more users be alerted via email when a Compliance Action is taken.

REMINDER:  Sensitive Content Manager must be installed in your environment and you must be a member of the ControlPoint Compliance Administrators group to use this functionality.

To access the Compliance Actions page:

Use the information in the following table to determine the appropriate action to take.

If you are creating ...

Then ...

a global set of rules independent of a particular scan job

from the Manage panel, choose Compliance > ControlPoint Compliance Actions.

a set of rules for a specific scan job that has been returned from Metalogix Sensitive Content Manager

·From the Compliance Summary page, select the scan job to which you want to apply the rule.

·Click [Apply Compliance Actions].

 

To define Compliance Action rules:

1Enter a unique name to create a new Compliance Action, or choose an existing action from the drop-down.

Compliance Actions NAME

WARNING:  If you choose to Update Existing Compliance Actions, the changes will be applied to all scan jobs that use it going forward.

2For each of the Severity levels (Mild, Moderate, and Severe), specify the action that should be applied when a threat is detected.  You can choose to have ControlPoint:

·Take No Action on non-compliant content

·Quarantine non-compliant content

·Use an Approval Workflow to address non-compliant content

·Remove non-compliant content

Note that an action must be defined for all three severity levels.  You can navigate from one rule to the next via the Select actions for threat level: button.

Compliance Actions Select Level

3If you want ControlPoint to send an email alert when a specified action is taken:

a)Check the Alert Users box.

b)Click [Create New User].

c)Complete the Select Users for the user to which you want to send the alert.

NOTE:  Currently, you can only select one user at a time.  Repeat substeps b) and c) for each user you want to alert.

If you have chosen to have ControlPoint Quarantine an item with non-compliant content, you can also choose to have an alert sent to all members of the ControlPoint Quarantine Administrators group.

Compliance Rules QUARANTINE GROUP ALERT

If you have chosen to use an Approval Workflow, follow the instructions for "Using an Approval Workflow," following.

4When you have finished defining Compliance Rules for each Severity Level, click [Save].

Using An Approval Workflow

If you have chosen to use an Approval Workflow to address non-compliant content, after clicking the [Create New User] button:

1First, select the user who will be notified by ControlPoint to start the workflow when non-compliant content is found

2Select additional users who will be designated as approvers.

Compliance Actions WORKFLOW

NOTE:  The user you select to start the workflow must have permissions to Edit Items and approvers must have permissions to Approve Items for lists within the scope of the Compliance Action.

You can also choose to have SharePoint notify approvers

§One at a Time (Serial)

OR

·All At Once (Parallel)

3Click [Add User].

4If you want SharePoint to notify additional users when an approval workflow starts and ends:

a)Click [Create New User].

b)Select the users you want to notify.

c)Choose Notify these people when the workflow starts and ends without assigning tasks to them.

d)Click [Add User].

5For Request, enter the message that you want to be sent to users with assigned tasks.

Compliance Action WORKFLOW 2

Compliance Action Alert Email

When a Compliance Action rule includes an alert, an email, which identifies the Severity Level and action taken, is automatically sent to selected recipients.

ControlPoint Application Administrators can change the default text for the email by updating the applicable ControlPoint Configuration Setting:

·ComplianceMildLevelThreatsEmailBody

·ComplianceModerateLevelThreatsEmailBody

·ComplianceSeverLevelThreatsEmailBody

Refer to the ControlPoint Administrators Guide for details.

Submitting Content to Metalogix Sensitive Content Manager

Members of the ControlPoint Compliance Administrators group can use the ControlPoint Analyze Content action to submit content to the Metalogix Sensitive Content Manager where it will be scanned for potentially sensitive content. ControlPoint submits the following types of content for scanning:

·files within Document Libraries with the following extensions:

§.doc

§.docx

§.eml

§.msg

§.pdf

§.pps

§.ppt

§.pptx

§.xls

§.xlsx

§.txt

·items within most types of lists (with or without attachments that have any of the file extensions listed above).

To submit content to Metalogix Sensitive Content Manager for analysis:

1Select the object(s) containing the items that you want to submit for analysis.

2Choose Compliance > Analyze Content.

REMINDER:  Sensitive Content Manager must be installed and in your environment and you must be a member of the ControlPoint Compliance Administrators group to use this functionality.

3Enter a name and description for the scan.

4If different from the default (PII - Personal Identification Information), select a Profile for this scan from the drop-down.

See also Managing SCM Profiles.

5If you want to Resubmit files that have not changed since they were previously scanned, check this box.

NOTE:  If you leave this box unchecked, previously-scanned files that have not changed will be excluded.

6Include one or more list types from the list box.  (If you also want to Include attachments, check this box.)

7Now you can:

§run the operation immediately (by clicking [Analyze])

OR

§schedule the operation to run at a later time or on a recurring schedule

OR

§save the operation as XML Instructions that can be executed at a later time.

A ControlPoint Task Audit is generated for the submission.  You can monitor the progress of the submission via the Sensitive Content Manager Submission Maintenance page.

Related Documents