Data Protection 3 April 2026 7 min read

Why Google Workspace doesn't back up your data the way you think

Google's infrastructure is world-class. Your data is replicated across multiple data centres and protected against hardware failure and natural disasters. But none of that is a backup. If a user deletes a critical folder, a ransomware attack encrypts your files, or a malicious insider wipes your Shared Drive, Google's own tools have very limited recovery options. Here's what you actually need.


This is one of the most common misconceptions in small business IT, and it's an expensive one to discover too late. When businesses move to Google Workspace, they assume Google is handling backup. After all, everything is "in the cloud" and Google doesn't lose data. Both of those things are true — and neither of them means your data is actually backed up in any meaningful sense.

Understanding the difference between storage reliability and backup is not just a technical distinction. It's the difference between recovering from a data loss incident in hours and discovering you have no recovery path at all.

What Google actually does with your data

Google stores your Workspace data — emails, Drive files, Calendar events, Contacts — across redundant infrastructure. The data is replicated across multiple locations. If a server fails, if a data centre has a power issue, if there's a hardware problem anywhere in the chain, your data is unaffected because copies exist elsewhere. Google's infrastructure is genuinely excellent for this purpose.

What Google does not do is take independent snapshots of your data at a point in time that you can restore from. If you delete a file, that deletion is replicated. If a user's account is compromised and an attacker deletes all their email, those deletions are replicated. If ransomware encrypts your Drive files before being caught, those encrypted versions become your only copies.

"Google's redundancy protects you from Google's infrastructure failing. It does nothing to protect you from your own users, your own mistakes, or an attacker who has access to your account."

What Google does offer — and where it runs out

Google Workspace does include some limited recovery capabilities:

Drive trash and version history

Deleted files go to Google Drive Trash and are recoverable for 30 days (for Workspace plans) before being permanently deleted. Version history for Docs, Sheets, and Slides is available, allowing you to restore to previous versions of individual files. For some plans, this history is available for 180 days.

Where this falls short: 30 days is enough for accidental deletion of a file you notice quickly. It's not enough for a data loss event you discover late, or for recovering from a ransomware attack that encrypted files over several weeks before detection. Version history doesn't apply to binary files (PDFs, images, video) stored in Drive. And if an account is deleted entirely, Drive content is at risk of permanent loss after a short window.

Gmail trash and email retention

Deleted emails go to Gmail Trash and are recoverable for 30 days. Google Vault (available on Business Plus and above) allows retention policies and eDiscovery — useful for compliance and legal hold, but not designed as a self-service point-in-time backup tool that a business owner can use for day-to-day recovery.

Admin-level restore window

Workspace admins can restore deleted user data for up to 25 days after deletion — but only certain types of data, and the process requires admin action during a narrow window. After that, the data is gone.

The key limitation

All of Google's native recovery tools operate within the same system as the original data. If a ransomware attack or a malicious insider action affects data at scale, across multiple users and Shared Drives, Google's tools were not designed for that recovery scenario. The recovery capabilities are designed for individual accidental deletion, not for incidents that affect data at that scale.

The three scenarios where the lack of independent backup causes real damage

Ransomware

Cloud ransomware targets Google Drive's sync functionality. Malware on a device encrypts files locally, then the sync client uploads those encrypted versions to Drive, overwriting the originals. Version history can sometimes recover from this — but only if the attack is detected within the retention window, and only if the attacker hasn't deliberately purged version history as part of the attack. An independent backup running to a separate environment — one the ransomware cannot reach through sync — is the only reliable recovery option.

Accidental or malicious bulk deletion

A departing employee with Manager access to a Shared Drive deletes multiple folders before their account is suspended. A user running a cleanup script makes an error and deletes a year's worth of documents. An attacker with compromised account access systematically removes files. Google's Trash gives you 30 days and a per-item restore process that doesn't scale to bulk recovery. An independent backup lets you restore an entire folder structure to a point in time before the deletion event, in minutes.

Account deletion without data transfer

As covered in the employee offboarding guide, if a user's account is deleted without properly transferring their Drive data first, that data is at risk. Personal Drive files (as opposed to Shared Drive files) are owned by the account, not the organisation. If the account is deleted, those files are gone. An independent backup that snapshots user data daily means there's always a recoverable copy, regardless of how the account was handled during offboarding.


What a proper Google Workspace backup looks like

An independent backup solution for Google Workspace should do three things: run automatically every day without manual intervention, store data in an environment that is separate from your Workspace (so an attack on your Workspace cannot reach the backup), and allow point-in-time restore of individual items or entire user accounts or drives.
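To make point-in-time restore concrete, here is an added example (not code from GetBulwark or Google) that picks the newest daily snapshot taken before an incident and lists what has to be restored. The manifest layout, paths, hashes and function names are all constructed for illustration.

```python
from datetime import datetime

# Constructed sample data: daily backup manifests mapping Drive path -> content hash.
SNAPSHOTS = {
    datetime(2026, 3, 1, 2, 0): {"Clients/a.pdf": "h1", "Clients/b.docx": "h2", "Ops/plan.xlsx": "h3"},
    datetime(2026, 3, 2, 2, 0): {"Clients/a.pdf": "h1", "Clients/b.docx": "h2v2", "Ops/plan.xlsx": "h3"},
    # Taken after the incident began: already contains the damage, so it must not be used.
    datetime(2026, 3, 3, 2, 0): {"Clients/a.pdf": "enc1", "Ops/plan.xlsx": "h3"},
}

# Constructed live state of the Drive at the moment recovery starts.
LIVE = {"Clients/a.pdf": "enc1", "Ops/plan.xlsx": "h3", "Ops/new.txt": "h9"}


def pick_snapshot(snapshots, incident_start):
    """Return the timestamp of the newest snapshot taken strictly before the incident."""
    candidates = [ts for ts in snapshots if ts < incident_start]
    if not candidates:
        raise LookupError("no snapshot predates the incident; nothing clean to restore from")
    return max(candidates)


def restore_plan(snapshots, live, incident_start, prefix=""):
    """Diff the chosen clean snapshot against the live state under an optional folder prefix."""
    ts = pick_snapshot(snapshots, incident_start)
    clean = {p: h for p, h in snapshots[ts].items() if p.startswith(prefix)}
    return {
        "snapshot": ts,
        # In the clean snapshot but gone from the live Drive: deleted during the incident.
        "restore_deleted": sorted(p for p in clean if p not in live),
        # Present in both but with different content: overwritten (e.g. encrypted via sync).
        "restore_overwritten": sorted(p for p in clean if p in live and live[p] != clean[p]),
        # Created after the snapshot: left in place and flagged for manual review.
        "review_new": sorted(p for p in live if p.startswith(prefix) and p not in clean),
    }


if __name__ == "__main__":
    plan = restore_plan(SNAPSHOTS, LIVE, datetime(2026, 3, 2, 14, 0))
    for key, value in plan.items():
        print(key, value)
```

The plan only works because the snapshots live outside the Workspace tenant; if the incident predates the oldest snapshot, `pick_snapshot` fails rather than silently restoring damaged data.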

The data that should be covered: Gmail (all messages, labels, attachments), Google Drive (all files including those in Shared Drives), Google Calendar, and Google Contacts. That's the complete footprint of a Workspace user's business data.

Pricing for this kind of solution at the small business level is lower than most people expect — per-user per-month costs that sit comfortably within the cost of a single hour of data recovery work if you ever need it. The cost of not having backup, in a ransomware or major deletion scenario, is measured in days of downtime and potentially in permanent data loss. The comparison isn't difficult.

For any business that stores client data, sends commercial emails, or relies on files in Drive for operational continuity, independent backup is not optional. It's the part of your security posture that answers the question: if everything went wrong today, what does recovery look like?

Callum Fraser
Founder, GetBulwark · Google Workspace Specialist
