Google Vault saves every Gmail draft you've ever written

By on
Google Vault saves every Gmail draft you've ever written

Forensics pros get access without passwords.

Every variant of every draft email an employee has written in Gmail can be made available to businesses thanks to a little known forensics feature.

Google Apps Vault was a $5 a month subscription feature that retained all emails written, sent and received by staff within organisations that use Google's Apps. 

"In one instance I found over 40 versions of the same email message."

Those organisations using Vault bypassed the need to ask staff for their Google credentials in order for forensics to be run across Gmail accounts.

Forensics professional Lee Whitfield ran a test of the service and was shocked when it revealed every incarnation of every draft email he had written - including those saved over or deleted.

"Last week I composed an email [which] was never sent and was immediately discarded from the drafts folder in my Gmail so imagine my horror when the downloaded MBOX contained this message," Whitfield said in a blog.

"Not only that but 19 different iterations of the email were saved and available for download from my account. Each iteration had a slightly different time-stamp associated.

"I could trace how each one of my emails was formed and edited before sending them on to their eventual destination. In one instance I found over 40 versions of the same email message."

The power of the Vaults feature received a boost when on 16 May Google deactivated the ability for users to turn off Google chat records by default. This may have provided forensic investigators with additional chat records inadvertently made on-record and captured permanently by Google.

Whitfield said the feature was useful because it negated the common occurrence of staff refusing or delaying the provision of login credentials to their accounts.

"Often users will stonewall us with credentials making collection of mailboxes virtually impossible. Other times we are left waiting for hours, or even days, for the user to grant us access to their account. This can make for some very tight deadlines."

Google Apps Vault was a product of the retirement and transition of Postini which forensics professional Bradley Shatz pointed out offered the same functionality.

Copyright © SC Magazine, Australia

Tags:
In Partnership With

Most Read Articles

Log In

Username / Email:
Password:
  |  Forgot your password?