At a time when 49% of businesses say they’ve experienced data loss in Google Workspace and other cloud platforms, it’s critical that organizations implement SaaS backup.
While Google’s cloud does provide some inherent protection against external attacks, data loss is still common. Business-critical files are lost, accidentally deleted or maliciously destroyed, even by internal employees. Cloud files can also be infected with ransomware or other malware, such as when local files are infected and then mirrored to Google Drive.
Google Workspace data loss can disrupt operations, hurt productivity and lead to significant financial losses. Having a backup of this cloud data ensures that organizations can quickly recover lost SaaS files and avoid a costly business disruption.
Critical data at risk in Google Workspace
To understand the common causes of Google Workspace data loss, it’s important to first identify what that data looks like and its value to the organization.
More than 6 million businesses use Google Workspace, including 40% of Fortune 500 companies, according to data highlighted by MarketSplash. Formerly known as G Suite, Google’s cloud-based productivity platform includes an array of services and applications that enable users to work, collaborate and communicate from anywhere, generally without the need to install any software.
All of that data is stored in the cloud, including:
- Gmail emails
- Calendar entries
- Contacts data
- Google Drive files
- Google Meet video conferencing files
- Google Docs documents
- Google Sheets spreadsheets
- Google Slides presentation files
- Google Chat conversations
Using Google’s cloud services does provide some protection against the risk of data loss. Since the data is not stored locally, it cannot be destroyed if the user’s device is destroyed or if the company servers fail.
However, there are many other common causes of Google Workspace data loss. And, since Google only assures availability in its service-level agreements, not the actual data itself, organizations must proactively back up these files if they don’t want to risk losing them permanently.
Top causes of Google Workspace data loss
1) Accidental deletion
This is one of the most common reasons for data loss in Google Workspace and similar productivity suites, such as Microsoft 365. Users accidentally delete documents, emails, spreadsheets and other files. In some cases, entire shared folders of critical files are inadvertently deleted. Often, this is because a user or admin believed those files were no longer needed. In other cases, it’s simply a mistake with no clear explanation how, why or when it happened.
AGoogle does retain deleted data temporarily – typically for 30 days. Additionally, Google’s data retention tool, known as Google Vault, allows organizations to set parameters for retaining data semi-permanently, even if users delete the files. However, this doesn’t apply to all data within Google Workspace. Plus, there are numerous scenarios in which the data can still be permanently deleted forever, especially if Vault has not been adequately configured.
2) Expired/cancelled Google Workspace Accounts
Google is very clear about this: “After you cancel your Google Workspace subscription, your users’ Google Workspace data will be deleted and can’t be restored.”
Despite the warning, this is a very common cause of data loss in Google Workspace. Why? Often, it’s because an organization fails to renew a user’s account if that user leaves the company. The employee leaves, and the account is allowed to expire. Later, somebody realizes that the user’s account contained valuable files that are still needed by other teams and/or the user’s replacement. But by then it’s too late.
Ideally, organizations should enact more stringent data-retention policies that prevent these situations from occurring. But even then, mistakes will still happen, which is why independent backups for Google Workspace are so important.
3) Botched migrations
Any time you move a lot of data, there’s a risk of files being accidentally deleted or overwritten. In Google Workspace, this is most likely to happen within Google Drive. For example, users or admins might attempt to move folders to another directory, but the data is accidentally placed in another location. Or, on a larger scale, an organization might use a third-party migration tool to move data from other apps into Google (or vice versa). But any error during that migration can result in large volumes of data being destroyed.
Having a Google Workspace backup ensures that organizations can quickly recover their data if it’s been compromised during a migration.
4) Malicious deletion (external)
In a recent survey of 381 IT professionals conducted by Enterprise Strategy Group, 19% said their organization had SaaS data maliciously destroyed by external actors.
These attacks can be conducted by hackers who manage to steal users’ credentials (often with threats of extortion), or they can be targeted by individuals who have a vengeance against the company, such as former employees. In either scenario, businesses can lose a lot of data when these deletions occur. If it’s caught early enough, admins may be able to restore the data directly within Google Workspace. But if the deletion goes unnoticed, then it could be permanently erased before anyone can do anything about it.
5) Internal, intentional deletion
In the same survey of nearly 400 companies, 6% said they lost data due to internal users maliciously deleting it. Why do they do it? In many cases, the act is carried out by employees who feel they have been wronged by the company, their managers or even their peers.
In 2021, a disgruntled employee of a New York credit union was convicted for deleting more than 21 gigabytes of data from the bank’s server (including their anti-ransomware software). Thankfully, the credit union was able to restore the data from backups, but the incident still cost more than $10,000 in remediation. This incident alone shows how devastating an internal attack can be. And since most organizations do not back up their Google Workspace data, businesses have little to no recovery options if their cloud files are maliciously destroyed.
6) Integration errors
As of this writing, more than 5,000 third-party apps are available in the Google Workspace Marketplace that can be integrated with Google’s SaaS apps. But just because these apps are available in the official marketplace does not mean they are completely safe or bug-free. Additionally, even the best third-party integrations can lead to permanent Google Workspace data loss if it’s not configured correctly.
To be fair, integrations can be a great way to maximize productivity with Google’s SaaS apps. But anytime you give a third-party app access to your data, you put that data at risk. Errors during the integration process or the use of the third-party app can lead to data being deleted, overwritten or lost, whether it’s the fault of the developer or the user.
Additionally, if a third-party app is compromised, it opens the door for hackers to access your data. According to statistics from The Hacker News, 40% of Workspace apps with “high-risk scopes” gain the ability to delete all Google Drive files. Unfortunately, end users often add these integrations without oversight from IT.
“Most employees don’t even realize that [SaaS-to-SaaS integrations], which require scopes like the ability to read, update, create, and delete content, increases their organization’s attack surface in a significant way. Third-party app connections typically take place outside the view of the security team, are not vetted to understand the level of risk they pose.”
– The Hacker News, February 2023
7) Ransomware and malware
In a traditional ransomware attack, local devices are typically infected by malicious email attachments, websites or exploited system vulnerabilities. The ransomware attempts to infect every file it can, including network directories, spreading as far as it can. If a SaaS app is 100% cloud-based, then there’s usually not a risk of it being compromised by ransomware, since it’s not connected to the local files.
But that’s not exactly true for Google Workspace. It’s common for Workspace users to mirror local folders to Google Drive, which creates the risk that Drive files will be infected in a ransomware attack. Additionally, if any third-party software (especially local software) is integrated with Google Workspace, that creates another entry method for the ransomware to infect the cloud data.
Even if the organization backs up local servers, an additional Google Workspace backup is needed to ensure a failsafe for the cloud-based SaaS data.
The business impact of SaaS data loss
Losing data within Google Workspace and other SaaS applications can have an immediate and lasting effect on the business. On the user level, it creates obstacles that slow down your employees. For large-scale data loss, these incidents can create costly setbacks for the entire organization.
Consequences of Google Workspace data loss:
- Lost productivity: When employees lose access to important files, it prevents them from doing their jobs efficiently. Time spent recovering or recreating lost data is a costly drain on productivity.
- Increased strain on IT / help desk: Even when some files can be recovered via Google Vault or other methods, responding to these incidents takes a toll on IT teams. It eats up your valuable IT resources, pulling them away from other pressing tasks and ultimately hurting the company’s bottom line.
- Disruption to critical services: When your Google Workspace data is tied directly to the services you provide, a sudden data-loss incident can immediately derail the business. A disruption to critical services can be extremely costly. And, when it affects customers, it can cause long-term reputational damage.
- Employee/operational downtime: When large amounts of data are destroyed—such as in a ransomware attack—operations can grind to a halt, idling your employees. This is more than just a productivity loss. It amounts to costly downtime and wasted employee wages, which increase with each passing minute that employees are unable to do their jobs.
- Permanent data loss: If Google Workspace data is lost permanently, the financial losses can mount in several ways. Company resources are wasted on efforts to recreate the data from scratch (if it’s even possible). In turn, this also inhibits company growth and prevents the company from achieving its business goals.
Solutions for preventing Google Workspace Data Loss
Implementing a Google Workspace backup is key to preventing costly SaaS data loss. By backing up Google Workspace to a secondary cloud (sometimes referred to as “cloud to cloud” or “direct-to-cloud” backup), businesses can easily restore lost data from Google Drive, Gmail, Contacts and other Workspace apps.
- Datto SaaS Protection for Google Workspace: Datto SaaS Protection performs automated backups of your Google Workspace data three times a day. If data loss occurs, recovering it is fast and easy with a one-click restore function that allows you to restore Gmail, Calendar, Contacts and Drive data.
- Redstor Google Workspace Backup: Redstor can be used to back up several SaaS applications, including Google Workspace. Backups run daily, protecting Gmail, Contacts, Calendar, Drive, Classroom and more. Data can be recovered back to the cloud, to a physical machine, or to a temporary virtual drive.
Both Datto and Redstor also offer built-in threat detection, which scans the Google Workspace backups for suspicious files and isolates them before they snowball into full-blown infections.
Google Workspace data loss can be costly and disruptive for any business that relies on the productivity suite. About 1 in 2 companies report losing data in SaaS apps like Google’s, due to a variety of causes, including accidental deletion, malicious attacks and migration mistakes. While Google has limited options for backing up Workspace data, third-party solutions from Datto and Redstor provide the vital protection that today’s organizations need. With independent Workspace backups, companies can rapidly restore critical data that has been deleted, misplaced or destroyed within Google’s cloud apps.