diff --git a/changes/17197-frequent-cleanups-enabled b/changes/17197-frequent-cleanups-enabled
new file mode 100644
index 000000000..770745639
--- /dev/null
+++ b/changes/17197-frequent-cleanups-enabled
@@ -0,0 +1 @@
+Added --server_frequent_cleanups_enabled (FLEET_SERVER_FREQUENT_CLEANUPS_ENABLED) flag to enable cron job to clean up stale data running every 15 minutes. Currently disabled by default.
diff --git a/cmd/fleet/serve.go b/cmd/fleet/serve.go
index 01ef84b29..c60f5d04c 100644
--- a/cmd/fleet/serve.go
+++ b/cmd/fleet/serve.go
@@ -680,10 +680,14 @@ the way that the Fleet server works.
 				}
 			}()
 
-			if err := cronSchedules.StartCronSchedule(func() (fleet.CronSchedule, error) {
-				return newFrequentCleanupsSchedule(ctx, instanceID, ds, liveQueryStore, logger)
-			}); err != nil {
-				initFatal(err, "failed to register frequent_cleanups schedule")
+			if config.Server.FrequentCleanupsEnabled {
+				if err := cronSchedules.StartCronSchedule(
+					func() (fleet.CronSchedule, error) {
+						return newFrequentCleanupsSchedule(ctx, instanceID, ds, liveQueryStore, logger)
+					},
+				); err != nil {
+					initFatal(err, "failed to register frequent_cleanups schedule")
+				}
 			}
 
 			if err := cronSchedules.StartCronSchedule(
diff --git a/server/config/config.go b/server/config/config.go
index e26831ec3..786172976 100644
--- a/server/config/config.go
+++ b/server/config/config.go
@@ -94,6 +94,7 @@ type ServerConfig struct {
 	Keepalive                   bool   `yaml:"keepalive"`
 	SandboxEnabled              bool   `yaml:"sandbox_enabled"`
 	WebsocketsAllowUnsafeOrigin bool   `yaml:"websockets_allow_unsafe_origin"`
+	FrequentCleanupsEnabled     bool   `yaml:"frequent_cleanups_enabled"`
 }
 
 func (s *ServerConfig) DefaultHTTPServer(ctx context.Context, handler http.Handler) *http.Server {
@@ -841,6 +842,7 @@ func (man Manager) addConfigs() {
 	man.addConfigBool("server.sandbox_enabled", false,
 		"When enabled, Fleet limits some features for the Sandbox")
 	man.addConfigBool("server.websockets_allow_unsafe_origin", false, "Disable checking the origin header on websocket connections, this is sometimes necessary when proxies rewrite origin headers between the client and the Fleet webserver")
+	man.addConfigBool("server.frequent_cleanups_enabled", false, "Enable frequent cleanups of expired data (15 minute interval)")
 
 	// Hide the sandbox flag as we don't want it to be discoverable for users for now
 	sandboxFlag := man.command.PersistentFlags().Lookup(flagNameFromConfigKey("server.sandbox_enabled"))
@@ -1191,6 +1193,7 @@ func (man Manager) LoadConfig() FleetConfig {
 			Keepalive:                   man.getConfigBool("server.keepalive"),
 			SandboxEnabled:              man.getConfigBool("server.sandbox_enabled"),
 			WebsocketsAllowUnsafeOrigin: man.getConfigBool("server.websockets_allow_unsafe_origin"),
+			FrequentCleanupsEnabled:     man.getConfigBool("server.frequent_cleanups_enabled"),
 		},
 		Auth: AuthConfig{
 			BcryptCost:  man.getConfigInt("auth.bcrypt_cost"),