Google Vault 101: The Basics

As companies embrace cloud collaboration tools like Google Workspace, they face mounting legal risks and data integrity challenges. To combat this, IT, Security, and Legal professionals are turning to Google Vault. 

When Vault launched in 2012, it transformed the landscape of legal investigations and litigation holds for businesses using Google Workspace. However, its significance goes beyond its beginnings. 

Today, Google defines Vault as “an information governance and eDiscovery tool” for Google Workspace. This means with Vault, administrators can retain, hold, search, and export users’ Google Workspace data, helping with compliance, legal, and security needs. 

In this post, we’ll cover all the basics about Google Vault, including which Google plans support Vault, Vault’s primary use cases, what Google services it supports, essential terms to know, and more.

Who can use Google Vault?

If your company is using the following plans, super administrators can set up Google Vault. These plans have Vault’s licenses included: Business Plus, Enterprise, Enterprise Essentials (domain-verified only), Education Fundamentals and Plus, and G Suite Business. Administrators can also buy Vault add-on licenses for the Frontline and G Suite Basic plans. 

For Vault to search and retain a user’s data, that account needs to have a Google Workspace license and a Vault license. 

Using Vault is typically a team effort. While IT or Security might be administering the tool, Legal and Compliance teams often have guidance for them or are using the tool themselves for investigations. 

Here are a few of the teams and individuals who can be involved with Vault: 

IT administrators can use Google Vault to manage data retention policies and legal holds across the organization. They may also use it to search for and export data in response to technical or security inquiries.

Legal teams may use Vault or ask their IT or Security counterparts to use Vault to assist them in litigation preparation and during the eDiscovery process. Legal holds can be placed on users’ data, searches performed for relevant data, and exports can be downloaded for further review. Legal teams are also often involved in data retention policy requirements.

Compliance officers can use Vault or work with Vault administrators to ensure the organization is adhering to relevant data retention regulations. Retention policies can be set to automatically retain or delete data after a certain period.

Security teams may use Vault as a tool in incident response, for example, by searching the communications of a user who is suspected of being compromised. They can search through documents, emails, and chats to identify potential security threats or anomalies.

HR professionals might use Vault or ask administrators to use Vault for internal investigations, such as in cases of alleged harassment or other misconduct. Specific terms can be searched for in a user’s account to gather relevant evidence.

What are the primary use cases for Vault?

Google Vault helps organizations that use Google Workspace comply with regulatory, compliance, and legal requirements for data retention, eDiscovery, and legal holds. 

Here are four primary use cases for Google Vault:

Data retention

Vault aids with data retention, guaranteeing that data is stored for a necessary timeframe for compliance and industry requirements, and then is appropriately disposed of when it becomes unnecessary. This helps companies with preserving data integrity, optimizing storage resources, and adhering to data protection regulations. 

Legal holds

Businesses can preserve data that may be essential for legal proceedings by using Vault to create legal holds. By applying legal holds to specific data, organizations can guarantee the retention and integrity of the information, mitigating the risk of data loss or tampering that could potentially influence court cases. 

Investigations

When it comes to eDiscovery, litigation, and other legal or security investigations, Vault helps administrators search for and retrieve precise data and documents. This functionality simplifies the investigative process for identifying and addressing issues or potential misconduct, or documenting investigation findings for litigation, resulting in a more streamlined process. 

Access control and auditing

Administrators can manage access to Google Vault within their organization, ensuring that only authorized individuals can utilize the tool. By monitoring and tracking usage, they prevent any improper or unauthorized usage. Given the extensive range of information available in Vault, it is crucial to manage access and perform regular audits to track the activities of Vault users, as needed.

Supported services

Google Vault offers search capabilities and protections for the following types of services: 

  • Gmail
  • Google Drive
  • Google Groups
  • Google Chat
  • Classic Hangouts
  • Google Meet
  • Google Voice 
  • Google Sites

Further information on supported services can be found here.

Terms to know

A few key terms to understand when using Google Vault include:

    • Matter: In Google Vault, a matter provides a place to organize the holds, searches, and exports related to an eDiscovery project. 
    • eDiscovery: Electronic discovery, or eDiscovery, is the process of identifying, collecting, and preserving electronic information for legal purposes, typically in the context of litigation or investigations.
    • Holds: Holds are usually created for a specific investigation or legal issue. They apply to individual accounts, organizational units, or groups. They preserve data for an indefinite period of time, until the hold is deleted.
    • Searches: Vault users can conduct searches across services within Google Workspace, spanning across all accounts, to locate a message, document, or chat required for a legal case or to address a company issue. 
    • Exports: After searching for and identifying relevant data, administrators can export it as a usable file. The export includes information that shows its relevance to the search, along with metadata that proves it’s the same data stored on Google’s servers. This information can be exported in the following formats: PST, MBOX, XML, and CSV. 
    • Audits: Administrators can audit the actions performed by Vault users. This can be done either on a comprehensive level encompassing all of Vault or by focusing on a particular matter. 
    • Retention Policies: Data retention policies are used to meet compliance and industry regulations. Various US federal laws and regulations and compliance frameworks deal with data retention, including ISO, PCI, and HIPAA. Data retention requirements also vary depending on the nature/industry of your company.

How to set up Vault for an organization

Please note: Super administrator status is needed to set up Vault. For information, visit here. To get started, super administrators will need to set up Vault for their organizations. Here’s a quick overview of the first steps: 

1. Buy Vault licenses.

    • Companies will need a Vault license for every user that they need to retain and search data for. 
    • Administrators can buy and assign licenses to everyone or to a subset of people in their organizations.
    • Please find information on buying licenses here and assigning them here.  

2. Control who can sign in to Vault. For further information, visit here.

3. Grant Vault privileges. For more information, visit here.

4. Set an organization’s default retention rules. For more information, visit here.

5. Consider enabling comprehensive message storage. In addition to Gmail, users can use other core services to send emails. Comprehensive mail storage guarantees that messages sent through these services will be visible in users’ sent folders and remain accessible in Vault. More information here.

To fully utilize Vault, IT or Security teams may need to incorporate its functionality with other tools and processes used by the business. One way to do this is through the Google Vault API, which lets administrators programmatically manage legal matters and holds. This helps leverage the complete potential of Vault in conjunction with existing systems. For more information, visit the Developer’s Guide

Google Vault empowers administrators with the functions crucial for managing data across different aspects of an organization’s operations. It has become a valuable tool for compliance, eDiscovery and security investigations, and more.

Vault helps businesses adhere to strict standards and guidelines. From compliance to investigations, legal holds to data retention, Google Vault caters to the diverse needs of companies and administrators. To learn more about how to implement Vault in your organization, download our complete guide.

Incredible companies use Nira

Every company that uses Google Workspace should be using Nira.
Bryan Wise
Bryan Wise,
Former VP of IT at GitLab

Incredible companies use Nira