The following is a story of how Google Vault, [a service from Google meant to prevent users in Google Apps from deleting e-mail without any chance of recovery] deleted tens of thousands of e-mails.
I’ll cut to the chase, my issue here is that Google’s idea of a retention policy is asinine, stupid, crummy, bad, poorly executed.
They’ve set up a system that is meant to save e-mail, but has a default setting to remove all e-mail older than a time you set.
One of the first steps in setting up Google Vault is to set a “retention rule” a period of time to which even if a user deleted a message, it will still be saved, and searchable via the Google Vault tool. In ADDITION to that, every e-mail, in the entire domain, in every e-mail box, older than the retention rule, get’s deleted.
retention |riˈtenCHən|
noun
the continued possession, use, or control of something: the retention of direct control by central government.
• the fact of keeping something in one’s memory: the children’s retention of facts.
• the action of absorbing and continuing to hold a substance: the soil’s retention of moisture.
• failure to eliminate a substance from the body: eating too much salt can lead to fluid retention.
ORIGIN late Middle English (denoting the power to retain something): from Old French, from Latin retentio(n-), from retinere ‘hold back’ (see retain) .
I don’t see anything about removal in the definition of retention.
How can a service with the name “Vault” in it, with functions like “retention rule” be thought to force-ably delete e-mail?
It’s My Fault
Yes, it’s in their documentation.
Yes it’s my fault. I won’t argue against that, but I can still share my story, and claim that this is ridiculous. In my case, I thought Google Vault created copies of all the e-mails deleted, and the retention rule wouldn’t effect live e-mail mailboxes.
In this case of woe, setting a retention rule of two years did what I thought, which is save any e-mail that get’s deleted, so it can be recovered for up to two years of receiving it, BUT IT ALSO deleted every e-mail older than 2 years old in every mailbox.
Oops.
What if you deleted any e-mail older than two years for your entire company?
Road to Recovery
I contacted Google relentlessly for about 10 days, through their premium support channels, their answer? Sorry, no backsies, it says right in the documentation sir, it can’t be recovered.
I begged and pleaded, told them this is a government matter if I can’t get e-mails for court cases, that they must have backups, nope nothing. Polite, timely, completely useless responses.
Backupify
Luckily, about 2 years prior I set up my company with backupify.com a service meant not as an archival tool but backup for Google Apps. What I mean by this is if you received an e-mail, and immediately deleted it, then deleted it from the trash, Backupify wouldn’t necessarily have caught it in the routine backups. So Backupify doesn’t really work for legal recovery.
In this instance though, all e-mail older than 2 years old would be recoverable.
Whew.
The process isn’t easy by any means, while digging through support with Backupify, they admitted their tools and recommendations for downloading and then restoring e-mail is not elegant or fast, they just provide the data.
It’ll take months to silently download my users e-mail, sort through everything older than March 24th, 2013, and restore it, but at least it can be done.
Word to the wise, Google Vault retention policy doesn’t just mean save, it means save and delete.