Get started: Vault administrators
Welcome to Google Vault! This guide will walk you through the steps to get Vault up and running for your organization.
Before you proceed, make sure:
- You are a G Suite super administrator for your organization; only super administrators can complete the steps in this guide.
- You have G Suite or G Suite for Education.
- Google Vault has been purchased for your organization.
Click each step below to learn how to complete it.1. Assign Vault licenses
Assign licenses to everyone (full-domain licensing) or to just a subset of people (partial-domain licensing).
- Consult with people in your organization who understand its business and legal requirements to decide who needs a Vault license.
- Follow the steps in the full-domain or partial-domain licensing article.
Only users with appropriate permissions can log on to http://ediscovery.google.com.
- Sign in to the Admin console, using your administrator account email address (including username and domain) and password.
- On the dashboard, click Apps, then click G Suite.
- Click Vault and choose one of the following options:
- ON for everyone: everyone in your organization can access Vault.
- ON for some organizations: only organizational units (OUs) that you specify can access Vault. Learn more about creating OUs.
- OFF: no one in your organization can access Vault.
Grant privileges to employees who you want to create retention rules, place litigation holds, or perform investigations. This step is not mandatory for the initial setup of Vault.
Now that Google Vault is enabled and licenses have been assigned in the Admin console, sign in to Vault by doing the following:
- Go to https://ediscovery.google.com
- Sign in with your G Suite username and password.
Other authorized employees in your domain will sign in to Vault the same way after you've given them access.
Set default retention policies to control how long data is archived before being permanently expunged from user accounts and all Google systems. Your organization should have policies to cover the amount of time data should be retained. We recommend that you consult your organization's legal team when you set up retention rules.
Learn how retention works.
- In Vault, click Retention in the left navigation.
- Under Default retention rule, click Mail, Drive, or Groups.
- Check the Set a default retention rule box.
- Choose how long to keep messages or files:
- Choose Indefinitely to permanently retain data. Click Save to create the default retention rule. You're done!
- Enter a number of days, from 0 to 36,500:
- Mail and Groups—days from when the message was sent.
- Drive—days from when the file was either created or last modified.
- Choose what to do with data past the duration you selected:
Vault immediately begins the process of purging data that exceeds the retention coverage period as soon as you submit a new rule. This can include data users expect to keep. Do not proceed to the next step until you're sure the rule is configured correctly.
- Choose the first option to expunge just the messages or files that users have already deleted.
- Choose the second option to expunge all messages and files. This includes data that's in users' inboxes and Drives. It also includes data that has already been deleted.
- Click Continue.
- What happens after you set default retention rules: Unless a custom rule or hold applies to them, data is preserved according to the default retention rule.
- What happens when a user deletes a message or file: The message is removed from that user's account. However, when the default retention rule or a custom rule applies, the message or file is still available in Vault for the remainder of the retention period.
Google Vault is now up and running! Vault will preserve your domain's data as specified in the retention rules you configured. Learn more about the default retention rule and custom rules.