Search
Close this search box.

Review of Data Footprint at Employee Departure/Transfer

Targeted Behaviour

A significant volume of files stored in the file service are owned by ex-employees or are no longer in use because the file owner’s role has changed. The data within these files, which carries unknown risk and unknown value, is unused and unmanaged.

Directive

It is each employee’s responsibility, or the responsibility of their supervisor, to properly manage records prior to transfer or departure.

Records must be retained or disposed of in accordance with approved records retention and disposition schedules

Policy Requirements

A standard analysis of file shares owned or used by the departing/transferring employee are run prior to, or at the time of departure/transfer.
Employees/managers review files listed by these analyses and ensure that data management controls are being properly followed (delete transient files, delete duplicates, delete personal files, customer records correctly located, etc.).
Completion of data review is documented.

Create Awareness and Encourage Efficient File Service Use

Targeted Behaviour

Workplace organization practices are in place for the physical workplace (4S). These must be extended to electronic data spaces.

Directive

File storage that is allowed to grow without any form of management will quickly present unnecessary and significant risk and cost. This can be avoided by extending the corporate culture for structure and cleanliness in the physical workspace to include use and content of the file service.

Policy Requirements

File shares and SharePoint sites are periodically scanned to identify redundant, obsolete and trivial files (ROT).
A user designated as the Data Steward for each department is provided with access to the results of these analyses.
It is the Data Stewards task to identify and take each opportunity to improve how the department is using the file service.
The Data Steward may delegate access to analyses for specific users and request that they assist in removing their ROT data.

Control Data Growth and Guide Deletion of Transitory Files

Targeted Behaviour

Personal and common file shares are growing at approximately 60% p.a. Much of the content of these storage repositories is redundant, obsolete and/or trivial. Users and teams are hoarding irrelevant data.

Directive

Hard or soft limits for file share size should be put in place. These should be used to indicate to the users what the expected suitable size is for a file share. Users should have access to actionable-reports that guide clean-up of file shares when limits are approached/reached.

Policy Requirements

Hard quotas are configured on users’ personal (Home) folders. Notifications are sent to the Home Drive owner when quota thresholds are reached. These emails include a link to self-service dashboards.
Soft quotas are configured on common (Department, Project) shares. Notifications are sent when quota thresholds are reached. These emails are sent to the last ten users who wrote into the share and include a link to self-service dashboards.
File shares are scanned on a weekly basis. The data is used to refresh self-service dashboards that users have continuous access to. These dashboards list files that are likely candidates for clean-up (old, duplicated, non-business-related file type, etc.).

Refine and Organize Project Data at Project Close

Targeted Behaviour

Project teams are not reviewing project data on project completion. Large volumes of data is being retained and archived for long periods when only a small volume of that data is subject to retention policies. As project teams are dispersed after project close, knowledge of what should / should not be retained is quickly lost.

Directive

Project working practices should be extended to include a data review step. Project Managers are responsible to ensure that all project data is reviewed and organized at project close; records are identified and all other working documents, copies/versions, reference material, etc. are deleted.

Policy Requirements

Regular scans of project folders are carried out. These scans populate self-service dashboards designed to highlight files that are suspected to have low importance.
Project Managers should periodically review the content of file shares related to their project(s) – identifying and deleting unused files.
When a project is concluded, Project Managers perform a full review of associated file shares – ensuring that all files subject to retention periods are moved to an appropriate location, other important files are appropriately named and organized, and all other files are deleted.
Scroll to Top