Archiving and ediscovery products like Google Apps Vault can also be used to enforce deletion policies. For example, if a company policy is to destroy all records after 2 years, then Apps Vault can be configured to expunge or permanently delete messages based on this retention policy.
Google Apps customers need to be aware of the various limitations of Google Apps Vault lest they get a false sense of security that their data is being preserved and/or deleted according to corporate policy.
1) The Mystery of Google Apps Vault
The Google Apps Vault interface is simple and straight forward. It's a real benefit to be able to clearly see see retention policies, matters and legal hold. However, how it works in the background remains a mystery, even to a majority of Google for Work Support Representatives we've worked with.
Google Apps Administrators and companies that decide to implement and deploy Google Apps Vault should take caution - the product is not well known and Administrators could be misled by Google support. In a recent mid-size enterprise implementation Google support's own misinformation caused significant delays in deployment of this critical ediscovery feature.
2) Hangouts Messages in Vault aren't archived correctly
Google touts the versatility of Hangouts for Apps customers and that chat messages are searchable through the standard Gmail interface. When it comes to Vault, Hangouts messages may take up to 30 days to appear and be available in Vault. Google claims this only happens occasionally, which occasionally is not acceptable in legal matters. There may also be instances when delayed messages aren't part of the original conversation thread and therefore not subject to the same retention rules.
3) Limitations in Working with Apps Vault for Google Drive
There are significant limitations of Apps Vault for Google Drive. Administrators should be aware that comments are included only when exporting Google Docs, The new Google Sheets and Google Slides. Comments are not exported with any other file type. Furthermore comments prior to June 2013 are not searchable in many cases and if you use search operators terms in comments aren't searchable. Google Apps for Governement users will find that only file titles are searchable - file contents are not.
4) Administrators without a Google Apps Vault License May be unable to sign in.
Google Apps Vault Admins who don't have a Vault license may not be able to sign into the main ediscovery product's website. The Google Apps team has provided a workaround for this but the workaround may not be desirable. To get into Vault when denied get a Google APps Administrator to temporarily disable and then re-enable access to Vault through the Google Apps Admin Console. The Apps Admin must turn the Vault Service Off and then back on (Reboot a cloud service) in order to re-enable Vault access for the administrator.
This process may actually take 24 hours to take effect and during the off time no user will have access to Google apps Vault. The Google Apps team does point out that all holds, retention and data in the Google Apps Vault will be preserved as long as you don't adjust licensing.
5) To Preserve data for users who leave your Organization, you need to keep a Google Apps License.
Google charges a monthly or yearly license fee for Google Apps users. There is no differention between active users who are daily engaged in using the Apps and users who are suspended. When a user leaves your organization you must pay for a full Google Apps for Work license in addition to the Google Apps Vault license.
Overall Google Apps Vault is a solid solution for basic ediscovery protection of organizations using Google for Work. As with any Google for Work product, support from the company is limited and uncertain for "break-fix" situations. Furthermore Apps Vault does not appear to be mature and widely used enough to implement without significant research, training and experience.