S 4.305 Use of storage restrictions (storage quotas)

Initiation responsibility: Head of IT, IT Security Officer

Implementation responsibility: Specialists Responsible, Administrator

Even if an organisation takes care to ensure that the system offers enough storage space when purchasing an IT system, its storage space will become scarce sooner or later after prolonged use in many cases. On IT systems used by different users, the resources available must therefore be shared in such a way that every user can work as optimally as possible.

One phenomenon frequently encountered is the situation where users want more storage space than is available to them. One reason for this, in addition to the constantly increasing storage space requirements of applications, is that many users are reluctant to delete old and unneeded files. If there are no rules for restricting storage space or for archiving, there is a risk that storage space will be wasted due to the large amounts of old data and that the user directories will overflow.

A simple solution would be to ensure there is always more storage space than needed as the demand for storage increases. However, this is not always feasible in practice.

A certain amount of storage space can be allocated to users or user groups, but also to applications, using disk quotas that must not be exceeded. For this reason, the storage space allocated to each user and each application should be restricted using disk quotas on the servers and on all IT systems used concurrently by several different users or applications. This includes servers (e.g. file servers, web servers, and email servers) and clients with multiple user accounts. Disk quotas are unnecessary for clients on which there are separate data and system partitions and that are only used by one user.

When using disk quotas, it is important to select the right quota volume. If all users will be allocated the same quota volume, the volume to be allocated can be calculated by dividing the storage space available by the number of users. However, a certain amount of reserve storage space should be planned. Problems may arise when the disk quota selected is too small. If there is not enough storage space available to the users, they might try to store information outside of the dedicated directories in order to circumvent the restrictions. Storage locations not suitable for such use, e.g. temporary directories or other directories with write privileges enabled for all users, are frequently used in this case. If the storage space available on the file servers is too low, users will often resort to using local hard disks. In most cases, this is a violation of the rules and can also mean that these files will not be included in the central data backups, for example.

On the one hand, it is necessary to specify which information will be stored where and, on the other hand, how many versions of a file will be stored for how long on the production system.

Data resources from completed projects should be properly archived and should not be stored on the production systems as a reserve "just in case". On the other hand, it is also necessary to specify how much storage space will be available to the various user groups and applications. In addition, reserve storage space should be planned. Furthermore, it is also necessary to specify how more storage space can be allocated to the users when needed. The values defined must be documented. In addition, the values must be checked and updated regularly.

Once the size of a disk quota has been specified, consideration should be given to determining if and how the organisation should react when the need for storage space increases. The type of quota selected has an influence on this decision. When hard quotas are used, fixed upper limits are specified and it is impossible for the users to use more storage space than was allocated to them. In contrast, a soft quota allows users to exceed their disk quota up to a specific limit and for a specific amount of time. If the disk quota is exceeded, the user must at least be informed of this fact, for example by email. Consideration should be given to informing the administrator in this case so that he/she can react to any problems that may occur. In addition, it must be specified if and how individual users will be allocated additional storage space. The procedure used should be orderly and traceable. Disk quotas should not be increased "on call".

Many commonly used operating systems come with resources for setting disk quotas. However, it should be examined if additional software is needed for the configuration and administration of the disk quotas.

Review questions:

© Federal Office for Information Security. All rights reserved.