To what extent do Google’s native tools support backup and recovery?
IT professionals are often under the misapprehension that there is no need to back up cloud services such as Google Workspace.
However, to think that a SaaS vendor like Google can always restore the data you store in its cloud is a perilous presumption. Google’s disaster recovery systems can protect you from disk fails and natural disasters, but their internal backups are not accessible to end customers, leaving you susceptible to user error or malicious acts.
Without the protection of third-party software, there are many scenarios that will jeopardise the files, spreadsheets and private information that you have in Google Workspace.
SaaS vendors are unable and unwilling to protect your data in all eventualities. Keeping data accessible is down to you when it comes to dealing with user error, legal retention requirements, malicious content or a cyber attack.
Google Vault, a storage service in Workspace, exists for data retention and eDiscovery, but it should not be confused with a backup or recovery product.
In the numerous terms of service for Google, Google Workspace and its individual apps, there is no acceptance of responsibility for preventing data loss, only a disclaimer for:
Google’s total liability is limited to the greater of £500 or 125% of fees paid in the last year.
Gmail: Deleted emails are kept in the Trash folder for 30 days. Emails stored in Trash are permanently deleted and cannot be recovered after the 30-day period.
Google Drive: Deleted items are kept in the Trash folder for 30 days. Administrators can only restore items permanently deleted from approximately 25 days ago. Items are permanently deleted after 30 days in Google Drive Trash folder.
Google Calendar: Deleted calendars and events are kept in the Trash folder. Calendars and events are permanently deleted and cannot be recovered after the 30-day period.
Google Contacts: The contacts can be restored back to any state in the past 30 days by the undo option.
Without full control of your data, the capability to act straight away once an issue becomes apparent may be taken out of your hands. In January 2020 Google Drive suffered a server failure, leading to widespread service disruption all around the world.
Users were left waiting for an hour before hearing they could again access Google Drive, including Docs, Sheets and Slides.
If business continuity is important to the head of your organisation, then as an IT manager you need to show you can get everyone back up and running quickly when things go wrong - not receive a stark reminder that Google does not provide backup. Unless you have a separate backup strategy, you are left powerless with no option but to wait until Google recovers . . . and it’s worth noting that the outage was their second in a week.
Google Workspace empties your Trash folder automatically every 30 days - and deleted Gmail emails cannot be recovered by the user after Trash has been emptied.
Admins can restore permanently deleted items 25 days after permanent deletion and via Audit API, if they have that capability, for an extra five days - after that the data is gone.
Google Workspace's basic package comes with 30GB storage per employee and Enterprise, the top plan offers unlimited storage, while from July 2022 Workspace for Education provides 100TB of pooled storage across all users. Google One offers the option of additional storage, but no matter how much you buy, you'll still be stuck with 30 days of version history.
If you need to keep files safe, Google Vault allows admins to set retention rules on how long email messages and history on chats are saved.
However, a member of staff will need to keep on top of this and that means finding someone with the expertise to dedicate to backup and disaster recovery processes.
As an admin, you can restore lost data (except for email drafts or data from the Trash) for up to 10 users in Gmail and/or Google Drive, but this method of data recovery only works on data deleted within the last 25 days.
Google Vault also deletes data of inactive accounts which is not good for regulatory compliance, does not offer point-in-time restores and also doesn’t back up all data, like Calendar and Contacts.
There’s no way Google Workspace can see where end-users might have accidentally or maliciously deleted files and folders.
Google Drive retention policy is the same as Google Apps, so after a document is deleted, you have only 25 days to recover it. What if, during legal action months or years later, your organisation suddenly finds it needs those deleted files?
It might prove very difficult to comply with regulations that stipulate data is retained within certain time frames.
When data is on many different laptops, issues arise around complying with the General Data Protection Regulation.
Ensuring timely recovery is not the only challenge, addressing Subject Access Requests will be time-consuming if data is distributed far and wide.
However, you can have it all in one place, if a third-party backup provider protects your Workspace data as well as whatever else you hold dear.
Just one of the reasons why Gartner, IDC and Forrester recommend using a third-party backup provider to protect Google Workspace.
What happens when users accidentally or intentionally delete or overwrite files?
Google Workspace provides very limited built-in data protection. There are no backups of contacts, no recovery of individual Gmail messages or Drive files against deletions, overwrites and against ransomware.If you delete a user, whether you meant to or not, that deletion is replicated across the network.
An administrator can restore a deleted user account for up to 20 days after date of deletion.
After 20 days, the Admin console permanently deletes the user account, and it can’t be restored, even if you contact Google technical support.
Once an item is purged from the mailbox database, it is unrecoverable.
This could have far-reaching effects if a rogue employee deletes incriminating emails or files.
There is also the issue of being able to recover information without overwriting any changes you may have made after the recovery time.
A non-destructive recovery provided by a third-party backup provider lets you search for time-specific data and recover it – without worrying that users will lose later drafts of the same files.
Mistaken overwrites and migration errors can lead to loss of data, loss of time and loss of money.
Even if retrieval is achievable, the process may be lengthy and complex - and there is also the inflexibility of destructive entire restores.
An administrator will need to be in communication with the user in order check whether files and/or messages appear in user’s Gmail/Drive and confirm the recovery.
Restoring large amounts of data may take several hours and the administrator alone will not be able to see whether the recovery is complete. That will necessitate checking with the user to see if it is done, or if it's still in progress. Google concentrates on providing availability and cannot be expected to focus elsewhere on extended retention or old user data. Being solely reliant on Google Support for help recovering lost data can be very time consuming.
Even if your files are stored on the Google Drive cloud, your data could be infected by malicious viruses.
Ransomware can infect your users' machines and encrypt the information stored on their computers, including Google Drive files and other Google Workspace data.
However, a third-party can protect your Google Drive files by guaranteeing recovery from ransomware with isolated, offsite protection.
Regular backups will help ensure a separate copy of your data is uninfected and that you can recover Google data quickly to an instance before the attack.
All organisations should have anti-virus software, but to prevent backups from being infected, the National Cyber Security Centre recommends an extra layer of protection, like artificial intelligence to check for suspicious files that may lay hidden for weeks or even months.
The capability to detect and remove malicious files from backups helps ensure you can make malware-free recoveries. It could also lower the cost of any cyber insurance you take out.
Companies nowadays require a separation of roles as a security standard.
Having your backup in the production platform allows for a single point of failure. Google administrators could also potentially assign themselves full access to search and export from Google Workspace mailboxes and labels. This would enable them to delete a file. Without third-party backup, you might find that file, depending on the retention policy, may be irretrievable.
Protect Google Workspace data within your organisation, directly from Google’s cloud, all through an intuitive web interface.
Extend retention and cater for deleted users with a diverse backup strategy that addresses compliance issues as well as simplifying your data backup systems with one central, easy-to-use system.
Gain borderless visibility of your entire data estate at any time, on any device.
RedApp, the Redstor App, gives you a centralised view of multiple sites, wherever you are.
Manage by exception and easily evidence compliance.
Redstor’s data management solution includes role-based access control and auditing, which helps companies to comply with current and upcoming data protection laws, while also allowing a different department or administrator to hold the rights for restores.