Storage Hoarders!

Hi All
I have an ongoing issue with storage hoarders and was wondering if others had the same experience?
I’ve been in my current role for 9 months and one of the first measures I implemented was FSRM quotas on staff profiles as they were out of control at around 40GB, they each have 15GB which I think is pretty reasonable… my last place, staff had 2GB…
We are a business and not here to store and backup holiday snaps from Marbella 2012, Uncle Alf’s 60th and iTunes music accounts and The Management now fully support that.
We also have a number of shares for various purposes, one of which is 500GB, is used as a dumping ground and has just ran out of space. The question I was just asked: ‘Why is it a paltry 500Gb when home computers are measured in terabytes these days?’ There is an expectation that we should just throw more space at the problem, rather than resolve the issue. In my experience, the more space you give people, the more they just fill it up with rubbish.
Am I just being mean?

Find more posts tagged with

SAVE $250 on Your Boot Camp — Use Code "EXAM26"

Exclusively for TechExams members for Infosec Boot Camps starting before April 30, 2026

View Boot Camps

Comments

dave330i

Judderman88 wrote: »

Am I just being mean?

No. Challenge anyone to show that they need more than 500GB to store business related items.

Shdwmage

I'm going to have to agree with Dave. Run through and do a search for *.mp3 and *.jpg see how many files and how much space they are taking up. You'll be able to find your biggest offenders that way.

cruwl

500Gb is pretty small IMHO. You didn't say how many users this is for.

The 40Gb per user in their personal space is ridiculous, hell even the 15G is high. If the 500G is true work related data, then you are hindering the business by not growing the share. I've worked in places where it is mandatory to keep data for 7+ years, so the share grew quickly. Redundant business class storage really is pretty cheap in the grand scheme of things.

I would say you need to truly reevaluate the business need for data storage. Are people using their personal storage now because the company share is full? have you guys failed to keep up with the data demand of the company?

Or is someone torrenting on your network and saving movies to your share?

Also how many users are we talking here? 10? 100? 300?

bigdogz

In my experiences I have had some users, ironically in IT, that hoard data in a business or personal nature. I would call these folks viruses, or viri and would tell them that their existence causes the drives to freeze up and blue screen servers. I would tell them this in a joking manner but it would get my point across.
You have to ask them for a business use and the impact of data unavailable. In some cases (audits or agreements with customers) there may be a need for more data, but in most cases it is not needed. You need to find a way to offline data and have COPIES available in the event where a device may die or may not be available.

Good Luck!

markulous

It would depend on their environment and I'd take a look at what they are saving. If it's media that is not related to work taking up the majority of space, then you are absolutely doing the right thing. If business needs require more storage, then it's something your department should reevaluate. From my experience, 500GB Hard drives are enough for users in large businesses, but it does depend.

iBrokeIT

Judderman88 wrote: »

We are a business and not here to store and backup holiday snaps from Marbella 2012, Uncle Alf’s 60th and iTunes music accounts and The Management now fully support that.

If that type of stuff is found on our network the users would be lucky to get a warning before it is deleted from their computer and server. Your company computer is a tool to get your job done, not a perk with unlimited resources.

If management wants to go that route I would present them with two options to resolve that lack of space. 1) spec out more SAN and backup storage = $$$ or 2) an updated acceptable use policy and the removal of personal media from company resources = no $$$.

Judderman88 wrote: »

The question I was just asked: ‘Why is it a paltry 500Gb when home computers are measured in terabytes these days?’

Apples to oranges in many cases. You are comparing a single 500 GB consumer level spin disk drive to 500 GB of enterprise RAIDed storage that has to then be backed up and retained according to company retention requirements. We use CommVault for backups, have seen the cost to purchase and support another TB of data?

Judderman88 wrote: »

Am I just being mean?

MTciscoguy

The last place I worked, if you were caught storing personal files that did not pertain to your job, you deleted it and received a written warning, the second time, you were terminated, it presents a hell of a security risk allowing your employees to store personal media and other types of data that is not business related.

Heck when I worked in the Army, we screened everything all of the time and everybody was required to be checked for personal storage devices you are not even suppose to plug a personal storage device into those computers, a personal media file could get you court martial!

cyberguypr

Policy... BINGO! You can have all the controls in the world but if policy is weak or nonexistent, you will lose the battle as you have no way to enforce anything. It needs to be set in stone what data is allowed on those shared drives, for how long, etc.. That way you can do what iBrokeIT said: either delete no questions asked, or go ask for funding for more storage. OP says that management supports it so if this is the case make sure you get it in writing and work with whoever is in charge to establish a policy. Set a date for cleanup, communicate it, have everyone acknowledge (if possible), then go crazy deleting. I've done this many times throughout my career and always enjoyed seeing people leave with their tail between their legs when they were told 60 days in advance of the action, decided to ignore it, then came all upset asking for they data. We kindly pointed to their acknowledgment of the policy and asked what else we could help them with.

This is not being mean. You are hired to look out for the stability and optimization of the IT infrastructure and that is exactly what you are doing.

Matt2

Maybe not being mean. But 500GB is nothing for multi-user share in a enterprise environment.

Judderman88

Thanks to those who replied
To add some further context, the share I mentioned is one of four and is accessed by around 50 staff, as mentioned this is on top of their 15GB profile allowance.
I can provide additional resource, we’ve got 4TB available on the SAN but as I mentioned, I don’t think throwing storage at it is the answer and my Line Mgr (An Accountant) agrees. We need to improve working practices
Users are removing their personal data including a colleague who has taken 6GB of data out pertaining to their side line cake business!

Claymoore

You can spend a ton of time (which equals tons of money) trying to police it, or you can spend a little bit of money and expand the storage. There are file server policies that prevent saving certain extensions, but someone will have a need for jpeg or a call recording mp3 and those policies go out the window.

Don't you have better things to do than searches across file shares?

beads

There is a legal argument to be made here as well. Your company should be policing itself on a regular basis to ensure what you do have backed up no matter how innocent sounding or titled it may be - or not. Just because it say's something like Miranda's Birthday pictures does mean its not Miranda in her birthday suit. Now whose the accessory? Legally your in enough trouble to spend alot of face time with your new friend the legal team.

Second argument I would make to management about that non-existent policy statement would be that of a number of anonymous file sharing services, both paid and "free" already and willing to accept this indemnified risk. Its all spelled out for you in the EULA - your company does not.

-b/eads

Shdwmage

Claymoore wrote: »

Don't you have better things to do than searches across file shares?

No I don't. If you give them an inch they will take it a mile. Its better to put policies in place and nip it in the bud.

Matt2

You can put policies in place per user for shares too. Not too much work in Windows Server.

Shdwmage

As to those who say not to care, if there is illegal items on the server the business is responsible. It needs to be cleaned up.

alias454

I have to agree, users should not store personal data like MP3's etc. on company servers. I also agree that if there is a business need for more space, you are obligated to provide the space so users can do their jobs. If using shared storage provided/managed by the IT team is difficult for users, then you run the risk of them storing important documents locally or somewhere else that doesn't get backed up. It is a two pronged approach, not an either or. Unrestricted growth has to be managed and that is done through policy and other controls. Our jobs are to be good stewards of the resources we manage and to maximize benefit for the organizations we work for.

As far as taking the time to pick through file shares, I like using Treesize Disk Space Manager software at its best: TreeSize Professional and SpaceMonger works okay too.

Regards,