Chat now with support
Chat with Support

Metalogix ControlPoint 8.5 - O365 User Guide

Getting Started with ControlPoint Using Discovery to Collect Information for the ControlPoint Database Cache Searching for SharePoint Sites Managing SharePoint Objects Managing Audit Settings Managing Metadata Managing SharePoint User Permissions Data Analysis and Reporting Scheduling a ControlPoint Operation Saving, Modifying and Executing Instructions for a ControlPoint Operation Provisioning SharePoint Site Collections and Sites Using Sensitive Content Manager to Analyze SharePoint Content for Compliance Using ControlPoint Sentinel to Detect Anomalous Activity Default Menu Options for ControlPoint Online Users About Us

Setting Sensitive Content Manager EndPoints and Managing Scanning Preferences

ControlPoint Application Administrators use the ControlPoint Sensitive Content Manager Configuration dialog to set EndPoints to point to the server(s) on which Sensitive Content Manager is configured.  Members of the Compliance Administrators group can also test the availability of each EndPoint and change default preferences for scanning content.

NOTE:  ControlPoint Application Administrators can also configure EndPoints individually and update other configuration settings via ControlPoint Configuration Settings - Compliance settings.

To launch the ControlPoint Sensitive Content Manager Configuration dialog:

From the left navigation Manage tab, choose Compliance > Sensitive Content Configuration Maintenance.

Setting EndPoints

The Value of each Sensitive Content Manager EndPoint must be set to point to the server(s) on which Sensitive Content Manager is configured your environment.  Use the information in the following table for guidance. SCM Configuration Settings O365

 

Endpoint

Description

Value

Sensitive Content Manager Upload EndPoint

The URL for the Sensitive Content Manager for sending files.

This corresponds to the File Upload URL specified at the time Sensitive Content Manager was installed.

http://<server.domain>

(or if installed on multiple servers:  
http://<server.domain>:port)

Sensitive Content Manager Results EndPoint

The URL for the Sensitive Content Manager service for retrieving files job results.

This corresponds to the Results Service URL specified at the time Sensitive Content Manager was installed.

http://<server.domain>

(or if installed on multiple servers:  
http://<server.domain>:port)

Sensitive Content Manager Profile EndPoint

The URL for the Sensitive Manager service for retrieving profiles.

This corresponds to the Profile Service URL specified at the time Sensitive Content Manager was installed.

http://<server.domain>

(or if installed on multiple servers:  
http://<server.domain>:port)

Sensitive Content Manager Search Terms

The URL for the Sensitive Content Manager service for retrieving rules used to identify a specific kind of sensitive content.

This corresponds to the Subquestion Service URL specified at the time Sensitive Content Manager was installed.

http://<server.domain>

(or if installed on multiple servers:  
http://<server.domain>:port)

When you have finished setting EndPoints, click [Update].

Testing Availability of EndPoints, File Upload, and Results

From the EndPoint Testing tab, you can test the availability of each endpoint that you set, as well as whether files can be uploaded to/received from Metalogix Sensitive Content Manager.

If you click a [Test EndPoint] button and the status returns as Unavailable, make sure that the URL is correct and that the service is available on the Metalogix Sensitive Content Manager server side.

If you click [Test File Upload], ControlPoint will send a sample file to Metalogix Sensitive Content Manager, and will display a log of the action.  If you then click [Test File Results], ControlPoint will log the progress of the file's return.

SCM EndPoint Testing

Managing Scanning Preferences

ControlPoint can create columns called Scan Results and/or Terms Detected. Each time a scan is performed, the Severity Level is populated for the scanned item.

PII Scan Results

ControlPoint Application Administrators can allow this column to be created/populated by changing the value(s) of Automatically add Scan File Results column and update with severity level in SharePoint Lists and/or Automatically add Terms detected column and update with severity level in SharePoint Lists from false to true.

Submitting Content to Metalogix Sensitive Content Manager

Members of the ControlPoint Compliance Administrators group can use the ControlPoint Analyze Content action to submit content to the Metalogix Sensitive Content Manager where it will be scanned for potentially sensitive content. ControlPoint submits the following types of content for scanning:

·files within Document Libraries with the following extensions:

§.7z

§.arj

§.bz2

§.bzip

§.doc

§.docx

§.eml

§.gz

§.log

§msg

§.odt

§.pdf

§.pps

§.ppt

§.pptx

§.rtf

§.rar

§.tar

§.tbz2

§.tgz

§.txt

§.xls

§.xlsx

§.zip

·items within most types of lists (with or without attachments that have any of the file extensions listed above).

To submit content to Metalogix Sensitive Content Manager for analysis:

IMPORTANT: If you have upgraded to Metalogix Sensitive Content Manager 2.0 or later from an earlier version, pending content submissions that use the older Profiles may need to be re-created.

1Select the object(s) containing the items that you want to submit for analysis.

2Choose Compliance > Analyze Content.

REMINDER:  Sensitive Content Manager must be installed and in your environment and you must be a member of the ControlPoint Compliance Administrators group to use this functionality.

3Enter a name and description for the scan.

4If different from the default (PII - Personal Identification Information), select a Profile for this scan from the drop-down.

See also Managing SCM Profiles.

5If you want to Resubmit files that have not changed since they were previously scanned, check this box.

NOTE:  If you leave this box unchecked, previously-scanned files that have not changed will be excluded.  You cannot resubmit scan if it is uploading, an action is taken or if profile no longer exists.

6Include one or more list types from the list box.  (If you also want to Include attachments, check this box.)

7Now you can:

§run the operation immediately (by clicking [Analyze])

OR

§schedule the operation to run at a later time or on a recurring schedule

OR

§save the operation as XML Instructions that can be run at a later time.

A ControlPoint Task Audit is generated for the submission.  You can monitor the progress of the submission via the Sensitive Content Manager Submission Maintenance page.

Compliance Action Severity Levels

When content is analyzed by the Metalogix Sensitive Content Manager, it is evaluated against the following three severity levels, as defined in the Sensitive Content Manager Profile used for the content analysis.

·Severe

·Moderate

·Mild

Compliance Administrators specify the appropriate action to take for each severity level via the ControlPoint Compliance Actions page.

Managing Sensitive Content Manager Submissions

From the Sensitive Content Submission Maintenance page, ControlPoint Compliance Administrators can:

·monitor the progress of jobs that have been submitted to Metalogix Sensitive Content Manager for compliance scanning

·view a detailed analysis of compliance scan results

·manage compliance actions

·resubmit previously scanned jobs

·delete jobs

To launch the Sensitive Content Submission Maintenance page:

From the Manage pane, choose Compliance > Sensitive Content Submission Maintenance. Sensitive Content Submission Maintenance CPO

Select the type of scan jobs you want to view/edit.  Use the information in the following table for guidance.

In addition the current Status of each job (e.g., Uploading, Waiting for Results, Completed), ControlPoint displays the number of items within each job that are:

·Submitted by ControlPoint to the Sensitive Content Manger service for scanning

·Uploaded to Sensitive Content Manager

·Reviewed (scanned)  

·Skipped (omitted from the scan; for example, if Sensitive Content Manager was unable to read an item's contents)

·Unsupported by Sensitive Content Manager

NOTE:  For a list of supported file types, see Submitting Content to Sensitive Content Manager.

·In Queue (waiting to be scanned).

You can also link to:

§a Detailed Analysis of compliance scan results

§the Compliance Summary page, where you can manage compliance scan results

§the ControlPoint Task Audit for the job.

Resubmitting Scanned Jobs

When you resubmit a job from this page, it will be submitted exactly as originally defined.  (For example, it will not include any files that have been added to a SharePoint list or library since the last scan.)  However, any items that have been quarantined since the last scan or have already been flagged "Unsupported" will not be included in the submission.

Jobs that are uploading, have a status of "Compliance Actions Taken," or use a Profile that no longer exists cannot be resubmitted.  If you want a set of files for which actions have been taken to be rescanned, create and submit a new job for the same scope.

Deletintg Scanned Jobs

If you attempt to delete one or more scanned jobs, you will be prompted to confirm your selection.

Manage Scanned Files REMOVE

Note that:

·you cannot delete a job that has files in quarantine, and the option will be disabled (you can, however, use the Manage Scanned Files action to remove quarantined files from SharePoint).

AND

·you will have the opportunity to deselect any file that has had an Approval Workflow compliance action applied.

Related Documents

The document was helpful.

Select Rating

I easily found the information I needed.

Select Rating