How to enhance your security posture in your enterprise cloud: Case for Google Workspace

Episode 2: Data Retention: Google Vault and eDiscovery

Google Vault is an information governance and eDiscovery tool that allows organizations to retain, hold, search, and export users’ data within Google Workspace. Data can be kept for as long as you need it and removed when you no longer need it. With these capabilities, you can comply with data governance regulations by setting policies that align with the requirements of the regulating body. In this episode we will dive deep into the tool and see how to use it to ensure no accidental erasure of data within Google Workspace. Google Vault can be used for the retention of the following data:
  • Gmail messages
  • Drive files
  • Google Chat messages (history turned on)
  • Google Meet recordings and associated chat, Q&A, and polls logs
  • Google Groups messages
  • Google Voice for Google Workspace text messages, voicemails and their transcripts, and call logs
  • New Google Sites
  • Classic Hangouts messages (history turned on)

How to set up Google Vault for data retention

Step 1. Buy Vault licenses (included in most GWS editions). You can buy and assign licenses to everyone (full-organization licensing) or to only a subset of people (partial-organization licensing). Control who can sign in to Vault by going to
Step 2. (Optional) Grant Vault privileges to authorized users. You can grant privileges to users who you want to create retention rules, place holds, or perform investigations. Then sign in to Google Vault to set retention rules.
Step 3. Set your organization’s default retention rules
  • Click Retention from step 4 above. If Retention isn’t listed, ask a Google Workspace administrator to give you the Manage retention policies privilege.
  • On the Default rules tab, click a service (for instance Gmail, Drive or Chat), then choose how long to keep messages or files:
    • To permanently retain data, select Indefinitely
    • To retain data for a set time, select Retention period and enter the number of days, from 1 to 36,500
  • If you set a retention period, choose what to do with data after the retention period expires:
    • To purge only the data that users have already deleted, choose the first option.
    • To purge all data, choose the second option. This rule can purge data that users expect to keep, such as messages in their Gmail inbox or files in Drive.
  • Click Create. If you set a retention period, Vault asks you to confirm you understand the effects of this retention rule. Check the boxes and click Accept to create the rule.
  • Repeat this process for all services you want to set default retention rules for.
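
To see what the two expiry options in Step 3 mean before you click Accept, here is an added example (not Google's code and not part of the original walkthrough) that models a default rule locally and lists the live items the second option would purge. The inventory, the `Item` and `DefaultRule` names, and the rule that the retention clock starts at each item's date are assumptions for illustration; nothing here calls Vault.

```python
from dataclasses import dataclass
from datetime import date
from typing import Optional

MAX_DAYS = 36_500  # upper bound for a retention period, per the steps above

@dataclass
class Item:            # hypothetical inventory record, not a Vault object
    name: str
    dated: date        # assumption: the date the retention clock starts from
    user_deleted: bool

@dataclass
class DefaultRule:     # local model of the choices on the Default rules tab
    days: Optional[int]           # None models "Indefinitely"
    purge_all: bool = False       # False: first option, True: second option
    def __post_init__(self):
        if self.days is not None and not 1 <= self.days <= MAX_DAYS:
            raise ValueError(f"retention period must be 1 to {MAX_DAYS} days")

def outcome(rule, item, today):
    """Return 'retained' or 'purged' for one item under this model."""
    if rule.days is None or (today - item.dated).days <= rule.days:
        return "retained"   # inside the period, even if the user deleted it
    if item.user_deleted or rule.purge_all:
        return "purged"
    return "retained"       # expired but still live: first option leaves it

def surprise_purges(rule, items, today):
    """Names of live (not user-deleted) items the rule would purge."""
    return [i.name for i in items
            if not i.user_deleted and outcome(rule, i, today) == "purged"]

# Constructed sample inventory
TODAY = date(2024, 6, 1)
ITEMS = [
    Item("inbox: 2021 contract thread", date(2021, 3, 10), False),
    Item("trash: 2021 newsletter", date(2021, 3, 12), True),
    Item("drive: Q1 2024 budget", date(2024, 2, 1), False),
    Item("trash: draft deleted last week", date(2024, 5, 25), True),
]

if __name__ == "__main__":
    for label, rule in [("first option", DefaultRule(365)),
                        ("second option", DefaultRule(365, purge_all=True))]:
        print(label)
        for it in ITEMS:
            print(f"  {outcome(rule, it, TODAY):8}  {it.name}")
        print("  live items purged:", surprise_purges(rule, ITEMS, TODAY))
```

With a 365-day period, the first option purges only the expired item in the trash, while the second option also purges the 2021 thread still sitting in the inbox.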
Stay tuned: in our next episodes, we will cover the following topics:
  1. Data Loss Prevention (DLP) for Gmail
  2. Data Loss Prevention (DLP) for Drive
  3. Deleting accidentally sent emails in your domain
  4. Security Center: Investigation tool
  5. Google EMM: Remote Wipe Devices: Windows, Android and iPhone