The typical content reference that references a component will automatically pull its security based on security assigned to a permission list(s).  However, if you put that component in multiple places within the registry, PeopleSoft will role-up permissions to the folders, and all of sudden you have end-users with access to menu folders that typically only an administrator would be allowed to see.  To control this, you can set the content reference to “public”, and then at the folder level add the necessary security, so for an administrative content reference, the parent folder would only have the administrative roles/permissions, and the content reference would be public.  This way the end-user can’t see the content reference in the administrative menu because they don’t have access to the parent folder level.