Chat now with support
Chat with Support

Metalogix ControlPoint 8.2 - User Guide

Preface Getting Started with ControlPoint Using Discovery to Collect Information for the ControlPoint Database Cache Searching for SharePoint Sites Managing SharePoint Objects
Accessing SharePoint Pages Viewing Properties of an Object within the SharePoint Hierarchy Creating Dashboards for Monitoring Statistics within Your SharePoint Farm Setting Object Properties Managing Site Collection and Site Features Managing Audit Settings Creating and Managing SharePoint Alerts Setting ControlPoint Alerts Managing Metadata Copying and Moving SharePoint Objects (Version 8.0 and Earlier) Moving a Site Collection to Another Content Database Deleting Sites Deleting Lists Archiving Audit Log Data Before Moving or Deleting a Site Collection Duplicating a Workflow Definition from one List or Site to Others Removing a Workflow from One or More Lists (or Sites)
Using ControlPoint Policies to Control Your SharePoint Environment Managing SharePoint User Permissions Data Analysis and Reporting
Specifying Parameters for Your Analysis Analysis Results Display Generating a SharePoint Summary Report Analyzing Activity Analyzing Object Properties Analyzing Storage Analyzing Content Generating a SharePoint Hierarchy Report Analyzing Trends Auditing Activities and Changes in Your SharePoint Environment Analyzing SharePoint Alerts Analyzing ControlPoint Policies Analyzing Users and Permissions The ControlPoint Task Audit Viewing Logged Errors
Scheduling a ControlPoint Operation Saving, Modifying and Executing Instructions for a ControlPoint Operation Using the ControlPoint Governance Policy Manager (SharePoint 2010 and Later) Using Sensitive Content Manager to Analyze SharePoint Content for Compliance Using ControlPoint Sentinel to Detect Anomalous Activity Default Menu Options for ControlPoint Users About Us

Managing Sensitive Content Manager Users

Sensitive Content User Maintenance functionality can be used by members of the ControlPoint Compliance Administrators group to register or delete other Sensitive Content Manager users, as an alternative to having users self-register.

To launch the Sensitive Content Manager User Maintenance page:

From the Manage panel, choose Compliance > User Maintenance.

The Sensitive Content User Maintenance page uses Auth Tokens to connect to Sensitive Content Manager, as well as Refresh tokens to prevent Auth tokens from expiring.  Under normal circumstances, Auth tokens are auto-refreshed hourly and  should never expire.  Therefore, the [Refresh] option should only be only with guidance from Quest Support.

SCM User Maintenance

To register Sensitive Content Manger users:

1Click [Register] to display the Select Users dialog.

2Enter the user account that you want to register.

SCM User Maintenance SELECT USER

NOTE:  You can only register one user at a time, and the user you want to register must have a valid email address.

3Click [Add] to add the user and display the Metalogix Sensitive Content Manager Registration dialog.

4Register the user for Sensitive Content Manager.

5Complete Steps 1-4 for each user you want to register.

NOTE:  Make sure that all registered users are also members of the ControlPoint Compliance Administrators group but are not also members of the Business Administrators group.

To "unregister" Sensitive Content Manager users:

1Use the check box(es) to select the user(s) you want to unregister.

2Click [Delete].

NOTE:  Unless you remove the unregistered users from the ControlPoint Compliance Administrators group, they will continue to be prompted to register whenever Sensitive Content Manager functionality is invoked

Managing Sensitive Content Manager Profiles

A Sensitive Content Manager Profile is a named collection of content search and analysis guidelines. SCM includes a number of "Standard" Profiles for detecting Sensitive Content, which include:

·Personally Identifiable Information (PII)

·Protected Health Information (PHI)

·Payment Card Industry (PCI)

·General Data Protection Regulation (GDPR) compliance.

NOTE: Quest continually adds new Standard Profiles, which cannot be modified or deleted.

Members of the ControlPoint Compliance Administrators group can also create and manage custom Profiles by defining  content search and analysis guidelines to use, as an organization's file analysis criteria may differ from those used in Standard Profiles. For example, you may want to create a custom Profile to group and weight a different subset of the predefined Search Terms, add custom Search Terms for sensitive data types, or analyze data that falls outside "standard" Profile definitions.

Sensitive Content Manager Profile Components

Sensitive Content Manager Profiles consist of the components described in the following table.

Profile Component


Search Term

A word or any simple or complex alphanumeric pattern that represents sensitive information in a document.

For example, in the PII Profile, these Search Terms are the personal identifiable information like a person's name, date of birth, financial account numbers, address, email address, etc.

Each content search uses a set of Search Terms in a Profile.

Regular Expression (Regex)

The search syntax for a Search Term.  

The analysis engine matches the file contents with a Search Term based on the regex syntax specified in the Profile. You can define new Profiles that use the Standard Search Terms, or create Search Terms based on custom expressions.

NOTE:  Regular expressions for the predefined search terms are internally defined in the Search Term, and cannot be modified because they are not standalone regular expressions.


The degree of severity of a possible content match for a specific Profile.

File Score

That weight factor combined with the number of content matches encountered during an analysis job.

File scores are calculated during a file analysis to determine the overall severity level of a document

Creating Sensitive Content Manager Profiles

To create a Sensitive Content Manager Profile:

1.From the Manage panel, choose Compliance > Profile Maintenance.

SCM Profile Maintenance

2Click [Create].

3Enter a unique title for the Profile, as well as a description that will be visible to end users.

4If you want to make the Profile private, uncheck the Make Profile Public box.

IMPORTANT NOTE:  Communication with ControlPoint is performed in the context of the Service Account, and all Profiles belong to that account.  Therefore, Private Profiles are currently available to all members of the ControlPoint Compliance Administrators group. .

Create Complinace Profile Title and Description

5.If different than the defaults, adjust the relative weights (that is, the degree of severity of a possible content match) for each  threat level (Mild, Moderate, and Severe).

SCM Weight Values

NOTE:  While default weight values are recommended guidelines, you can increase or decrease the relative weights between severity levels, and there is no upper limit to the range that can be entered.

6.From the Search Term List, select the Search Term(s) that you want to add to the Profile, then click [Add] to move the term(s) to the Profile Search Terms list.

SCM Search Term Selection

NOTE:  If you want to include a Search Term that does not display in the list, you can create a custom Search Term.

7Click [Create].

To edit a custom Profle:

1In the Compliance Search Terms Manager page, select the Public or Private Profile you want to edit, then click [Edit].

2Update fields as needed, then click [Update].

Note that Standard Profiles are provided by Quest and cannot be edited or deleted.  

Managing Compliance Search Terms

Sensitive Content Manager includes a number of out-of-the-box "standard" Search Terms for use in creating Profiles.  These include terms related to:

·Personal Identification Information (PII)

·Payment Card Information (PCI)

·Protected Health Information (PHI)

·General Data Protection Regulation (GDPR) compliance.

NOTE: Note that Quest continually adds Standard Search Terms, which cannot be edited or deleted.

Members of the Compliance Administrators can also create and maintain custom Search Terms to meet the organization's unique compliance needs.

To access the Compliance Search Terms Manager page:

From the Manage panel, choose Compliance > Search Terms Maintenance.

NOTE:  You can also access this page from the Compliance Profile Manager page by clicking [Create Custom Search Term].

Compliance Search Terms

To create custom Search Terms:

1Click [Create].

2Enter a Search Term Title and Search Term Description as well as an Expression Name for the regex.

SCM Search Term Info

4.Enter a valid regex expression.  

NOTE:  Do not enter any leading or ending slashes (/)

SCM Regex Expression

5.To test the validity of the expression:

a)enter representative text in the Sample Text Goes Here: field.

SCM Search Term Sample Text

b)Click the [Test Expression] at the bottom of the dialog.

A pop-up will display informing you that either:

§a match can be found for the text using the given regex

SCM  Regex Validate


§a match cannot be found for the text using the give regex.

SCM Validate Fail

2If you want to make the Search Term Private, uncheck the Make Search Term Public box.

IMPORTANT NOTE:  Communication with ControlPoint is performed in the context of the Service Account, and all Search Terms belong to that account.  Therefore, Private Search Terms are currently available to all members of the ControlPoint Compliance Administrators group.

To edit a custom Search Term:

1In the Compliance Search Terms Manager page, select the term that you want to edit, then click [Edit].

SCM Search Term EDIT

2Update fields as needed, then click [Update].

NOTE: Any Search Term for which the regex is not visible is a Standard Search Term provided by Quest that cannot be edited.  (Some fields on the dialog  may appear enabled, but any changes you attempt to make will not be saved.)

SCM Seach Term Uneditible Enabled

Related Documents