Skip to content

Why You Need Backup for Google Workspace

The top 3 misconceptions made by Google Workspace admins

If you’re wondering, “is my data truly protected by relying only Google Workspace’s default backup and recovery solution,” then you’re in the right place. Cloud applications, like Google Workspace, are an integral part of our daily life – we push data to the cloud constantly. I do it when I send an email on Gmail, share a document with coworkers via Drive, or add my mother-in-law’s birthday to my Google Calendar (better not forget it again!).

But is relying on Google’s default data protection enough? What are the main misconceptions when it comes to Google Workspace data backup and recovery?

Misconception #1: Relying on Google Workspace’s default data protection is enough

If you think Google apps is a secure platform, you’re right: Google platform is a secure, resilient, and reliable solution, and protecting data is their top priority.

As much as Google will likely never lose the data you are storing on their platform, they do not cover you if the data loss happens from your side. Google’s default data protection does not protect you against human error, malicious actions, ransomware and hackers, and synchronization errors. You are responsible for ensuring the necessary protection of your data.

Based on an Enterprise Strategy Group (ESG) survey, only 13% of the businesses surveyed understood that protecting their SaaS data is their responsibility, not the responsibility of the SaaS vendor.

According to ESG SaaS data protection research, 45% of organizations using SaaS attribute data losses they’ve experienced to deletion, whether accidental or malicious. When this happens with Google Workspace, Google is not able to identify if the deletion was intentional or not. The data will be deleted and totally unrecoverable once past Google Workspace trash bin’s retention time, a mere 30-days later.

You need a solid backup and recovery solution for your Google Workspace.

Misconception #2: I don’t need a third-party backup and recovery solution, I have Google Vault

As a subscribed user to certain editions of Google Workspace, you have access to Google’s retention and eDiscovery tool: Google Vault. With Vault, you can retain, hold, search, and export some users’ Google Workspace data.

Yet, Google Vault is not a backup tool. To this frequently asked question, “Is Vault a data backup or archive tool?” Google itself answers, “No. Vault isn’t designed to be a backup or archive tool.”

Based on Google’s own support website, here are reasons why you shouldn’t use Google Vault for backups:

  • Vault exports aren’t designed for large-scale or high-volume data backups. You can export data for a limited number of accounts and only for one Google service at a time. Vault also doesn’t allow many parallel exports or scheduling automatic exports.
  • Vault exports are prepared for legal discovery purposes, not efficient data processing. Vault can’t create differential backups or deduplicate data. For example, a Drive export includes all items the searched account has access to. When many accounts have access to the same items, they’re exported for each account, resulting in lots of duplicated data.
  • Vault doesn’t support all Google services. Vault can export data only from supported Google services. Vault doesn’t support services such as Calendar for instance.
  • Restoring data from Vault export files is hard. Vault doesn’t have any automated recovery tools.

Google Vault is not designed to recover lost or corrupted data and it cannot perform a which is a critical feature of any third-party backup and recovery tool.

Additionally, Google Vault does not keep ex-users’ data. For example, if an employee departs from your company and, as the admin, you delete his user Google Workspace account, all his data saved within their Vault will be also deleted. To save those data, it would require you to transfer all the employee’s data out of the Vault before deleting the account.

Misconception #3: A third-party tool can only help with backup data

By now, you know that backing up your Google Workspace data is your responsibility, not Google’s. It’s a common misconception that third-party backup solutions are a cost center purely performing secure backup and allowing for data recovery. These are the fundamentals, but there’s much more to it:

Benefit #1 – Cost savings

Budget constraints are making it harder than ever to implement new IT initiatives for IT Managers – They need to do more with less and maximize available resources.

Of course, deploying a backup and recovery solution for your SaaS applications comes with a cost, yet there are important (and substantial) cost-savings opportunities.

The first is through reduced SaaS licensing fees. Based on a recent Total Economic Impact report done by Forrester, companies save on months of SaaS licensing fees for employees who leave the organization – or around 10% of the work force per year. This number can be much higher if organizations use a lot of temporary staff or contractors. Having all historical data available simplifies data management and employee onboarding and offboarding.

The second is reduced auditing and legal costs. In the same TEI report, one of the organizations surveyed shared that seven days of auditor and lawyer costs are avoided each year by having SaaS data availability.

Benefit #2 – Regulatory compliance

Handling sensitive data is subject to stringent record retention and data reproduction requirements for all public records. With a proper backup and recovery solution, you can expect to:

  • Gain access to fast information discovery
  • Easy retention policy management
  • Additional rights to ensure compliance with applicable outsourcing regulatory requirements (e.g., extended audit rights, chain-sourcing approval rights).

In addition, data center facilities leveraged to store the data have high physical security standards and certifications (ISO 27001, SOC-2, ISAE 3402, PCI/DSS, HIPAA). It is important that you ask your vendor what they offer regarding regulatory compliance and data center certifications when investigating which tool to deploy.

Benefit #3 – Real disaster recovery

Third-party backup and recovery solutions must (not should) allow you to perform disaster recovery. The shortlist of important points to look for when selecting your solution:

  • Data availability: Get access to all your data, at any time, from anywhere. A proper backup solution provides you with unlimited storage, is cloud-based so you can always access your data, and it should reside on its own cloud for enhanced security and control.
  • Hot storage of data: Get your data on demand
  • Quick restore options for data: Restore fast, regardless of if it’s a single email or an entire point-in-time backup for your organization
  • On-the-go backup status monitor: Get updated with a mobile admin app

Keepit Backup and Recovery for Google Workspace

Keepit for Google Workspace is the world’s only independent cloud dedicated to backup and recovery. It is easy to use and keeps your Google Workspace data highly secure, always available, and instantly restorable.

Keep your data available 24/7 with automatic backup and unlimited storage
Quickly find and restore data, whether you want to restore one single email or an entire snapshot for your organization.

Easy to set up, easy to use, easy to scale
Keepit is a set-and-forget installation that is easy to use: No training needed. You can integrate it with your existing system thanks to our API-first approach. No hidden fees, no surprises, and 24/7 support.

Choose the World’s only independent cloud for immutable data
Security is in our DNA. Once your data is backed up with Keepit, it is made immutable and undeletable thanks to blockchain-verified technology. It is a priority for us to provide you with excellent reliability, great backup and restore performance, instant access to individual files, multi-factor authentication, and data encryption at rest and in transit.

Learn more on our Google Workspace backup and recovery

About Version 2
Version 2 is one of the most dynamic IT companies in Asia. The company develops and distributes IT products for Internet and IP-based networks, including communication systems, Internet software, security, network, and media products. Through an extensive network of channels, point of sales, resellers, and partnership companies, Version 2 offers quality products and services which are highly acclaimed in the market. Its customers cover a wide spectrum which include Global 1000 enterprises, regional listed companies, public utilities, Government, a vast number of successful SMEs, and consumers in various Asian cities.

About Keepit
At Keepit, we believe in a digital future where all software is delivered as a service. Keepit’s mission is to protect data in the cloud Keepit is a software company specializing in Cloud-to-Cloud data backup and recovery. Deriving from +20 year experience in building best-in-class data protection and hosting services, Keepit is pioneering the way to secure and protect cloud data at scale.

Prometheus vs Nagios vs Pandora FMS: Never before has such combat been seen!

You already know that in this house we love comparisons. Somehow you have to elucidate which is the best monitoring tool on the market, right?

Well, this time we bring you the final battle between three great ones.  Prometheus vs Nagios vs Pandora FMS. Nothing like that had ever been seen before in the ring!

Let the bell ring!

Prometheus vs Nagios vs Pandora FMS, the final battle

What is Prometheus?

Prometheus seeks to be a new generation within open source monitoring tools. 

A different approach with no legacies from the past.

*You know, for years, many monitoring tools have been related to Nagios by its architecture and philosophy or directly for being an total fork (CheckMk, Centreon, OpsView, Icinga, Naemon, Shinken, Vigilo NMS, NetXMS, OP5 and others).

Prometheus however, is true to the “Open” spirit: if you want to use it, you will have to put together several pieces.

Somehow, we can say that like Nagios, it is a kind of Ikea of monitoring. You’ll be able to do lots of things with it, but you’ll need to put the pieces together yourself and devote lots of time to it.

Prometheus is a data collection tool that works with time series data. 

Many companies that need to integrate a tool into their developments and operations choose Prometheus as their primary source of monitoring data because it easily adapts to most software architectures, quickly integrates with most modern technologies, and becomes a kind of data acquisition and management middleware standard.

It is usually integrated with Grafana to display data, as the Prometheus user interface is quite basic.

What is Nagios?

Nagios is a classic reference in IT monitoring. You can already see some previous comparisons of ours, with this tool.

What is Pandora FMS?

Pandora FMS is an all-in-one monitoring software used for both IT monitoring and integrating monitoring processes of all kinds, from IoT projects to business tracking projects.


Prometheus and Nagios/Pandora FMS on the other hand offer many different features. 

The type of data Nagios works with is very closed and focuses on states, being able to collect numerical metrics. 

Prometheus in raw data

Pandora FMS manages both with flexibility, although Prometheus is undoubtedly the most flexible when it comes to managing open data.

Prometheus collects data from applications that send metrics to their API endpoints (or exporters). 

Nagios uses agents that are installed on servers and through SNMP checks. It has a large and heterogeneous plugin system to collect data from other sources. One of its great virtues is this ecosystem (Nagios Exchange).

Pandora FMS has a more centralized system for remote polling (SSH, WMI, SNMP, web transactions, etc.) and is much more convenient to manage by its unified web interface. 

It also allows, like Nagios, to collect logs and process Netflow data streams, which Morpheus does not even contemplate.

Reports and control boards

As we said before, the charts and dashboards provided by Prometheus do not meet the current needs of DevOps that are very focused on creating their own dashboards, charts with combined data, and generating screens that serve to show other people. 

Many Prometheus users use other visualization tools to display metrics collected by Prometheus, often Grafana.

Nagios comes with a set of dashboards that conform to the monitoring requirements of networks and infrastructure components. 

However, it lags far behind in this area. Although it has visual screens and other third-party plugins for reporting, it is perhaps one of its weakest points.

Pandora FMS, however, has excellent graphics, custom dashboards (dashboards) and visual screens (Visual Console) that allow you to customize the appearance of the collected data. 

On the other hand, its system of templates and reports is extremely powerful and flexible, especially regarding Top-N type reports, different SLAs and all kinds and examples of charts, lists and summary tables.

Nagios XI

Grafana + Prometheus

Pandora FMS

Management, configuration, operation, installation and update

Perhaps this is the big difference between Pandora FMS on the one hand and Prometheus and Nagios on the other. 

While in Pandora FMS 99% of the configuration is through a graphical interface, with Prometheus and Nagios you will have to deal with configuration files and constant reboots. 

The same happens when you want to update, it is a process that requires Linux knowledge and managing with the shell

In Pandora FMS, it is fully automatic. 

As for Pandora FMS initial installation, it can be done using a docker or an online installation with a single command. 

In Prometheus and Nagios the installation can be tedious although preconfigured images already exist with Docker. 

None of the three tools is click & play anyway. None is a toy that can be simplified since all three are powerful multipurpose and extremely versatile tools.


Prometheus has been growing in recent years, and has more and more extensions. 

However, the leader in this category is Nagios, who remains the reference of the community and has the largest library of extensions.
Although Pandora FMS already has a large library of plugins (mostly Enterprise applications), it is behind that of Nagios.

What will you miss in Prometheus?

Particularly, reports, dashboards and a centralized configuration management system

An interface that allows observing and monitoring grouped information in services / hosts. 

Actually, in order to do something you will have to install Prometheus and a set of applications to integrate them together.

What will you miss in Nagios?

A centralized management interface. Wizards, customizable reports and above all, unified management of agent configuration.

What are the great disadvantages of Prometheus over Nagios or Pandora FMS?

Prometheus is designed to work with data. 

It has no statuses, no service groupings, and you will not have a view that respects a hierarchy of elements that you can associate with your organization (networks, system groups, hosts).

Prometheus is a data processing ecosystem, not a common IT monitoring system. 

Its power in data processing is far superior than that of Nagios, but the use of that data for day-to-day use makes it extremely complex to manage, as it requires many configuration files, many external commands distributed and everything must be maintained manually.

The graphical interface also does not help, as it is excessively simple and does not allow you to configure anything.

We can say that like Nagios, it is a kind of monitoring Ikea, and that Nagios is much more limited in terms of its data processing power, but much more specific when it comes to using that data for something useful and visible.


Comparing Prometheus with Nagios is not fair as they have different approaches, Nagios is much more prepared for traditional IT monitoring, in less time, with less complexity and with more understandable results, even though it is older technology and with a much more rigid architecture that becomes difficult to integrate with the requirements of today’s hybrid environments.

Nagios and Pandora FMS have more resemblance to each other than either of the other two. 

However, Pandora FMS integrates better than Nagios with external development processes, since like Prometheus, it also works with raw data as a source of information. 

Unlike Prometheus, Pandora FMS uses an SQL backend allowing easier integration. 

On the other hand, like Prometheus, Nagios has many “additional” interfaces that are ultimately needed to display maps, graphs, and other types of reporting. 

In Pandora FMS everything is “included” as standard: reports, dashboards, dashboards, graphics, etc.

Prometheus has two main advantages over Pandora FMS and Nagios: the fact that it is designed to be part of an integration and its ease of use by having far fewer features.

Its main disadvantage is its poor scalability and the fact that many of the features of Nagios and Pandora FMS just do not exist in Prometheus, especially in network monitoring or in reporting.

Radar-type graph

About Version 2
Version 2 is one of the most dynamic IT companies in Asia. The company develops and distributes IT products for Internet and IP-based networks, including communication systems, Internet software, security, network, and media products. Through an extensive network of channels, point of sales, resellers, and partnership companies, Version 2 offers quality products and services which are highly acclaimed in the market. Its customers cover a wide spectrum which include Global 1000 enterprises, regional listed companies, public utilities, Government, a vast number of successful SMEs, and consumers in various Asian cities.

About PandoraFMS
Pandora FMS is a flexible monitoring system, capable of monitoring devices, infrastructures, applications, services and business processes.
Of course, one of the things that Pandora FMS can control is the hard disks of your computers.

What are the actions performed during a privileged access

Nowadays, cyber-attacks have become increasingly common and hit more and more companies, of all verticals and sizes. According to the SonicWall 2022 Cyber Threat report, the number of cyberattacks involving data encryption increased by 167% in 2021, reaching 10.4 million attacks. And they weren’t the only ones: Intrusion attempts increased by 11% and IoT malware was up 6% in 2021 compared to 2020.

And the cost of these attacks also follows this trend: according to IBM in its Cost of a Data Breach 2021 report, the average cost of a data breach was USD 4.24 million, up almost 10% compared to 2020. It’s worth remembering that privileged users are a major attack vector used by cybercriminals: according to Verizon Data Breach Investigation Report 2022, more than 40% of data breaches involved exploiting stolen high-privilege credentials.

And it’s no wonder that privileged credentials are also called keys to the kingdom. After all, these credentials allow access to critical information and to modify settings in the environment. If compromised, they can cause significant damage to the organization, including affecting business continuity. For this, it is important for security leaders to implement processes, train people, and acquire tools to properly manage privileged access. This is called Privileged Access Management, or PAM. According to Gartner, by 2022, 70% of organizations will implement PAM practices for all their use cases, a 40% increase from 2020.

Implementing PAM allows organizations to effectively monitor their environment, as well as pinpoint who had access to which assets connected to the infrastructure. In this way, it is possible to protect the organization against threats – both internal and external – in addition to preventing malicious actors from gaining access to sensitive data through high-privilege accounts and enabling compliance with the latest cybersecurity regulations, including security protection laws. data such as LGPD, GDPR and CCPA. However, according to Gartner, mitigating risks associated with privileged access is virtually impossible without PAM solutions. These risks include, for example, the lack of visibility of assets, as well as the traceability of actions performed through privileged credentials. It is worth remembering that Gartner elected PAM as the number 1 project in security for two years in a row.

To ensure maximum protection, we at senhasegura have developed an approach that covers the entire life cycle of privileged access, including the actions carried out before, during, and after the realization of privileged access. These actions range from discovering privileged credentials in the environment and provisioning them to verifying actions performed in the environment. In this article, however, we will focus on the “during” step, and explain in more depth the actions performed during privileged access.

Download eBook (PDF)

These actions are primarily related to what the user performs while performing privileged access, after provisioning and granting access to the user. A PAM solution in this case allows administrators to define which users (or group of users) will be allowed to access a credential to perform access to a device, system or application. During this access, it must be possible to record all activities carried out through privileged credentials. This means that administrators must be able to see what actions are being performed on the systems and devices managed by the PAM solution, in addition to video recording and logging all remote sessions performed on these devices. This ensures that all actions taken can be tracked and audited later, thus allowing you to detect the causes of a cyber incident, or meet audit requirements.

In this case, the PAM solution must also be able to detect, respond and send alerts about any suspicious activity carried out through privileged credentials, based on their usage profiles. In this way it is possible for the security team to discover and prevent an ongoing cyber attack.

In addition to privileged credentials, a PAM solution also allows for the management and protection of SSH keys, digital certificates and secrets in DevOps environments, enabling the implementation of DevSecOps. According to Gartner, by 2021, DevSecOps practices (i.e., the adoption of Security practices in Development and Operations processes) will be adopted by 60% of agile development teams, against 20% in 2019.

We have seen that the implementation of proper Privileged Access Management is impossible without specialized PAM tools. The tool chosen by the organization must consider all aspects of the privileged access lifecycle: from provisioning access to verifying all actions performed in the environment. In this way, it is possible for Information Security teams to adequately protect the “keys to the kingdom” against the actions of malicious agents, including internal threats. In times of data protection legislation such as GDPR, LGPD and CCPA, ensuring compliance with these regulations is more than reducing cyber risks, it is ensuring business continuity.

About Version 2
Version 2 is one of the most dynamic IT companies in Asia. The company develops and distributes IT products for Internet and IP-based networks, including communication systems, Internet software, security, network, and media products. Through an extensive network of channels, point of sales, resellers, and partnership companies, Version 2 offers quality products and services which are highly acclaimed in the market. Its customers cover a wide spectrum which include Global 1000 enterprises, regional listed companies, public utilities, Government, a vast number of successful SMEs, and consumers in various Asian cities.

About Senhasegura
Senhasegura strive to ensure the sovereignty of companies over actions and privileged information. To this end, we work against data theft through traceability of administrator actions on networks, servers, databases and a multitude of devices. In addition, we pursue compliance with auditing requirements and the most demanding standards, including PCI DSS, Sarbanes-Oxley, ISO 27001 and HIPAA.



Click one of our contacts below to chat on WhatsApp