Citadel / Controls / UnusedFiles

UnusedFiles Control

What does this control check?

The UnusedFiles control scans your Downloads folder for files that haven't been accessed in an extended period (typically 90 days or more). Old, forgotten files in your Downloads folder can accumulate sensitive data and create security risks.

Important: Your Downloads folder is meant to be temporary storage, not a long-term filing system. Over time, it becomes cluttered with documents, spreadsheets, PDFs, and other files you downloaded once and forgot about. These forgotten files often contain sensitive information - customer data, financial reports, internal documents, passwords, or personal information. If your computer is compromised or stolen, attackers gain access to months or years of accumulated downloads, potentially exposing far more data than you realize.

Why is this important?

๐Ÿ“ฆ

Data Minimization

Every file on your computer is a potential target for thieves and malware. Regularly purging unused files reduces the amount of sensitive data at risk if your device is compromised.

๐Ÿ•ต๏ธ

Forgotten Sensitive Data

Old downloads often contain sensitive information you've forgotten about - contracts, reports, customer lists, or financial data that you no longer need but remains exposed.

๐Ÿงน

Digital Hygiene

Regular cleanup of unused files is a fundamental security practice, similar to shredding paper documents you no longer need rather than leaving them in piles.

How to fix this

Cleaning Up Old Downloads on Windows

Step 1: Find old files

  1. Open File Explorer
  2. Navigate to your Downloads folder
  3. Click on the Date modified column header to sort by date
  4. Scroll down to see the oldest files
  5. Identify files you haven't used in 90+ days

Step 1b: Show hidden files

Some flagged files may be invisible โ€” their names start with a dot (e.g. .DS_Store, .backup). Windows hides these by default. To reveal them:

  1. Open File Explorer and navigate to Downloads
  2. On Windows 11: click View โ†’ Show โ†’ Hidden items
  3. On Windows 10: click the View tab and check Hidden items
  4. Any hidden files will appear, slightly greyed out
  5. Sort by Date modified again to find the oldest ones

You can safely delete most dot-files you find in Downloads โ€” they are rarely important and are typically leftovers from apps or archives. If you are unsure what a file is, right-click it and select Properties for details.

Step 2: Review and decide

For each old file, ask yourself:

  • "Have I used this in the last 3 months?" - If no, you probably don't need it
  • "Is this stored elsewhere?" - If it's in email, cloud storage, or a work system, delete the download
  • "Would I miss this if it was gone?" - If not, delete it
  • "Do I even remember what this is?" - If not, it's safe to delete

Step 3: Archive or delete

  1. If you need to keep a file:
    • Move it to a proper location (Documents, OneDrive, SharePoint)
    • Don't leave it in Downloads
  2. If you don't need the file:
    • Select the file(s) โ€” including any greyed-out hidden files
    • Press Shift + Delete for permanent deletion
    • Click Yes to confirm
โš ๏ธ Important notes:
  • Downloads is for temporary files - move important files to Documents or cloud storage
  • If you need something again, you can usually re-download or re-export it
  • Make this a monthly habit to prevent accumulation
  • When in doubt about a file's importance, ask a colleague or manager

Cleaning Up Old Downloads on macOS

Step 1: Find old files

  1. Open Finder
  2. Click on Downloads in the sidebar
  3. Change view to List view (View โ†’ as List, or press Command + 2)
  4. Click on the Date Modified or Date Last Opened column to sort
  5. Identify files you haven't used in 90+ days

Step 1b: Show hidden files

Some flagged files may be hidden โ€” their names start with a dot (e.g. .DS_Store, .backup). macOS hides these from Finder by default. To reveal them:

  1. Open Finder and navigate to your Downloads folder
  2. Press Command + Shift + . (period)
  3. Hidden files will appear, greyed out to indicate they are normally invisible
  4. Press the same shortcut again to hide them when you are done

You can safely delete most dot-files you find in Downloads โ€” they are rarely important and are typically leftovers from apps or archives. If you are unsure what a file is, right-click it and select Get Info for details.

Step 2: Review and decide

For each old file, ask yourself:

  • "Have I used this in the last 3 months?" - If no, you probably don't need it
  • "Is this stored elsewhere?" - If it's in email, (company) cloud storage, or other work system, delete the download
  • "Would I miss this if it was gone?" - If not, delete it
  • "Do I even remember what this is?" - If not, it's safe to delete

Step 3: Archive or delete

  1. If you need to keep a file:
    • Move it to a proper location (Documents folder, company (cloud) storage)
    • Don't leave it in Downloads
  2. If you don't need the file:
    • Select the file(s) โ€” including any greyed-out hidden files
    • Press Command + Delete to move to Trash
    • Empty the Trash: Finder โ†’ Empty Trash
Automatic cleanup: You can configure macOS to automatically delete files from Downloads after 30 days. Go to Finder โ†’ Settings โ†’ Advanced and set "Remove items from the Bin after 30 days".
โš ๏ธ Important notes:
  • Downloads is for temporary files - move important files to Documents or cloud storage
  • If you need something again, you can usually re-download or re-export it
  • Make this a monthly habit to prevent accumulation
  • When in doubt about a file's importance, ask a colleague or manager

Verifying the fix

After cleaning up old files, Citadel will automatically verify this control during its next check.

To verify your Downloads folder is clean:

  1. Open File Explorer and navigate to Downloads
  2. If some of the identified files are hidden, show hidden files first:
    • Windows 11: View โ†’ Show โ†’ Hidden items
    • Windows 10: View tab โ†’ check Hidden items
  3. Click the Date modified column to sort by date
  4. Scroll to the oldest files โ€” both normal and greyed-out hidden ones
  5. Files older than 90 days should be either moved to proper storage or deleted
  6. Your Downloads folder should only contain recent files you're actively using

To verify your Downloads folder is clean:

  1. Open Finder and click on Downloads
  2. Switch to List view (Command + 2)
  3. Press Command + Shift + . to also show hidden dot-files
  4. Click Date Modified to sort by date
  5. Scroll to the oldest files โ€” both normal and greyed-out hidden ones
  6. Files older than 90 days should be either moved to proper storage or deleted
  7. Press Command + Shift + . again to hide dot-files when done

Tip: Right-click any file and select Get Info to see both when it was created and when it was last opened.