Members of the ControlPoint Compliance Administrators group can define Compliance Action rules to determine how non-compliant content should be handled, based on the severity level detected. You can also specify that one or more users be alerted via email when a Compliance Action is taken.
REMINDER: Sensitive Content Manager must be installed in your environment and you must be a member of the ControlPoint Compliance Administrators group to use this functionality.
To access the Compliance Actions page:
Use the information in the following table to determine the appropriate action to take.
If you are creating ...
a global set of rules independent of a particular scan job
from the Manage panel, choose Compliance > ControlPoint Compliance Actions.
a set of rules for a specific scan job that has been returned from Metalogix Sensitive Content Manager
·From the Compliance Summary page, select the scan job to which you want to apply the rule.
·Click [Apply Compliance Actions].
a ControlPoint Policy to scan for sensitive content
from the Create ControlPoint Policy page, select one of the policies to scan for sensitive content:
·Scan items for sensitive data when content is updated
·Scan items for sensitive data when content is updated or saved.
To define Compliance Action rules:
1Enter a unique name to create a new Compliance Action, or choose an existing action from the drop-down.
WARNING: If you choose to Update Existing Compliance Actions, the changes will be applied to all scan jobs that use it going forward. This is especially noteworthy in the case of ControlPoint policies, because once the policy is created the most current definition of the Compliance Actions is applied automatically based on scan results.
2For each of the Severity levels (Mild, Moderate, and Severe), specify the action that should be applied when a threat is detected. You can choose to have ControlPoint:
·Take No Action on non-compliant content
·Quarantine non-compliant content
·Use an Approval Workflow to address non-compliant content
·Remove non-compliant content
Note that an action must be defined for all three severity levels. You can navigate from one rule to the next via the Select actions for threat level: button.
3If you want ControlPoint to send an email alert when a specified action is taken:
a)Check the Alert Users box.
b)Click [Create New User].
c)Complete the Select Users for the user to which you want to send the alert.
NOTE: Currently, you can only select one user at a time. Repeat substeps b) and c) for each user you want to alert.
If you have chosen to have ControlPoint Quarantine an item with non-compliant content, you can also choose to have an alert sent to all members of the ControlPoint Quarantine Administrators group.
If you have chosen to use an Approval Workflow, follow the instructions for "Using an Approval Workflow," following.
4When you have finished defining Compliance Rules for each Severity Level, click [Save].
Using An Approval Workflow
If you have chosen to use an Approval Workflow to address non-compliant content, after clicking the [Create New User] button:
1First, select the user who will be notified by ControlPoint to start the workflow when non-compliant content is found
2Select additional users who will be designated as approvers.
NOTE: The user you select to start the workflow must have permissions to Edit Items and approvers must have permissions to Approve Items for lists within the scope of the Compliance Action.
You can also choose to have SharePoint notify approvers
§One at a Time (Serial)
·All At Once (Parallel)
3Click [Add User].
4If you want SharePoint to notify additional users when an approval workflow starts and ends:
a)Click [Create New User].
b)Select the users you want to notify.
c)Choose Notify these people when the workflow starts and ends without assigning tasks to them.
d)Click [Add User].
5For Request, enter the message that you want to be sent to users with assigned tasks.
Compliance Action Alert Email
When a Compliance Action rule includes an alert, an email, which identifies the Severity Level and action taken, is automatically sent to selected recipients.
ControlPoint Application Administrators can change the default text for the email by updating the applicable ControlPoint Configuration Setting:
Refer to the ControlPoint Administrators Guide for details.