How to implement a network storage policy

Establishing formal storage policies can help you get a grip on storage resource allocation and capacity usage.

By Steven M. Toole

With revenues exceeding more than $1.5 billion per year, Excel Communications, a telecommunications company in Dallas, had experienced fast-paced growth over the past few years. However, the number of distributed servers mushroomed from a few dozen to 475-about 80 file and print servers (a combination of Windows 2000, NT, and NetWare) and almost 400 production servers.

David Reimer, senior network engineer at Excel, says, "We had some production servers with as much as 35% wasted space." With the approval of the vice president of operations, the IT department put together a storage policy task force that consisted of systems administrators, systems engineers, and network managers. The group of eight determined that the network storage policy would serve the following purposes:

  • Recover the wasted space on production servers;
  • Put procedures in place limiting the amount of disk space that about 3,000 employees receive, and make sure they store files on the appropriate servers;
  • Reduce the number of servers through consolidation and/or move to storage area networks (SANs); and
  • Seal up deficiencies in the disaster-recovery plan by finding out what applications were on what servers and where each application's data resided.

Pressure to contain corporate spending on storage and to keep distributed servers from reaching peak-capacity limits has propelled IT departments to put their corporate network storage policy down on paper and make sure everyone follows it.

According to Data Management-The Forgotten Element of the New Economy, a report by the Butler Group, an IT consulting firm in London, unless organizations create a network storage policy, mission-critical processes could slow to the point of the organization's losing its competitive edge. The report says: "Failure to control the influx of data generated by the Web and e-business has caused many organizations to struggle with how best to control their information overload. Every organization's corporate procedures should include a comprehensive data review and storage policy, which has clear rules about which data should be left online, near-line, offline, archived, or deleted."


A well-conceived network storage policy can help an IT department establish procedures for reducing the time and cost of managing network storage; provide a systematic way to budget for storage based on accurate usage metrics; and ensure that network servers stay within the acceptable operating standards defined by the organization's business continuity plan and/or disaster-recovery plan.

Major organizations are taking solid steps to put corporate IT network storage policies in place. With the support of senior management, IT departments in these organizations have been able to take control of their distributed storage environments through a sanctioned policy and automated tools to enforce that policy.

Terry McGowan, an IT program manager and member of the storage network policy team at NCR, in Dayton, OH, says, "A [network storage] policy empowers the IT department to do what it needs to do to servers and their associated storage subsystems, especially in critical situations. The policy also outlines what end users are accountable for."

Network storage policies should define most of the following:

· Management responsibility for servers and storage
Why the policy exists and who has approved it.

Who has responsibility for the servers and what does that responsibility include, and what is the standard level of service.

· Security
Who has access to what servers, what types of files can get placed on which servers, and what types of virus control measures are taken.

· Data reclamation and space control
What action (automated or manual) gets taken when certain events occur, such as a threshold on a production server's capacity.

How storage is defined for employees, public areas, groups, departments, and e-mail.

How much space gets assigned to employees and departments, and how they obtain additional space.

Which types of thresholds and alerts get used and how they are handled.

What tools, such as reports, do employees receive to maintain their space, and why certain file types must get blocked.

· Data retention and protection
How long specific files can stay on servers.

How do documents get archived, how do backups get done, and how do employees request files to be restored.

Which servers house what applications, where does each application's data reside, and which applications are the most mission critical as defined by the disaster-recovery plan.

· Cost measures
Who gets charged for their storage usage, and what service levels are in place.

· End-user communication
How employees will learn about the policy or receive updates about it.

· Infractions
How storage violations will be handled by the organization, and what exceptions exist.

A network storage policy can range from formal written documents, which reside on the organization's intranet and get forwarded to new employees, to written documents maintained by the IT department, but verbally communicated to employees.

However, IT policies can often cause angst among employees, resulting in a push-pull relationship between both camps. Realizing this, John Webster, senior storage analyst at Illuminata, a research and consulting firm in Nashua, NH, says that, regardless of how formal or informal the storage policy is, an organization still needs to do two things: educate employees about the reason for the policy and educate them about proper storing of files on network servers.

Steven M. Toole is vice president of marketing at Precise-WQuinn (www.wquinn.com) in Reston, VA. He can be contacted at smtoole@wquinn.com.

Guidelines for carrying out a network storage policy

  • Get corporate IT to define the reason for the policy and to provide leadership
    Get the buy-in from senior IT executives and/or corporate management, human resources, and legal. Ask a senior IT staff member to spearhead the policy rollout.
  • SRM tools help provide specifics for network storage policies and provide procedures for enforcing policies
    Invest in storage resource management (SRM) tools, and ascertain current storage usage patterns through a thorough audit of existing storage resources. Work with systems administrators to determine space allocations, thresholds, and alerts for specific storage resources. Create automated procedures to be carried out by the SRM tools.
  • IT department must prepare the server environment before going ahead with a network storage policy
    Groom wasted space from current storage devices by deleting unnecessary files and asking employees to free up space in their home directory. Work with employees to assess their storage needs. Set space allotments and do soft monitoring so employees can get used to responding to alerts. Don't finalize policy until procedures have been thoroughly test-driven and everyone is comfortable.
  • Network storage policies must fit the organization
    Make certain types of servers available for applications such as archiving. Always work closely with employees to assess their storage needs. Set up procedures logically so different groups can carry out their tasks independently of each other.
  • Network storage policies need to be rolled out carefully
    Have the IT department or IT storage committee issue communications to department heads and their employees about the storage policy and the way it will be carried out, especially what housekeeping tasks employees are asked to do.
  • Network storage policies should go beyond the limits of space
    Establish backup procedures for mobile employees or enlist an e-storage service for mobile backups. Decide what to do with files when employees leave the organization or transfer to a different department. Gather historical data about storage patterns for capacity planning and budgeting, and look at the feasibility of doing storage charge backs to departments.

Coming in INFOSTOR...

SPECIAL REPORT: IP storage over WANs:
As storage area networks (SANs) grow in size, and applications such as disaster recovery become increasingly important, IT organizations need a way to transfer storage I/O over long distances-preferably at relatively low cost and using a method that's based on a standard. Our March issue Special Report focuses on the business benefits of moving SCSI and Fibre Channel traffic over IP-based wide area networks (WANs), with a focus on three emerging standards: iSCSI, FCIP, and iFCP.


  • Providing security in long-distance "virtual SANs"
  • Virtualizing all storage topologies and formats
  • New opportunities for storage resellers/integrators
  • SSPs/MSPs address new services, software
  • Testing Fibre Channel SANs

This article was originally published on February 01, 2002