Overview of the Purge messages feature

Gmail Gopher offers G Suite super-administrators the ability to preview and permanently delete search-specified messages from specific recipient and sender Gmail accounts. 

Mass deletion of emails from user Gmail accounts may be desirable in any of the following circumstances:

  • Phishing / malware: An email disseminated to users contains deceptive information designed to get users to click links to malicious apps that can obtain API scopes to collect sensitive information or act on behalf of users within Google or other systems, or to submit sensitive information to web forms, etc.
  • Student data privacy violation: An email body or attachments contains sensitive (FERPA, etc.) protected student information and is sent out to a student or staff audience that is not legally permitted to see the information.  This can happen accidentally due to global address / autocomplete related user error, or it can arise from a misconfiguration of Google Groups.  Our Group Settings Gopher tool helps reduce the likelihood of the latter.
  • Inappropriate content / abuse of service:  Student make mistakes as they grow into technologies, some of which can be quite disruptive and require fast remediation.  Misconfigured Google Groups can make the likelihood of this problem greater.  Our Group Settings Gopher tool helps reduce the likelihood of the latter.
  • Student online safety:  Email can be a vector cyberbullying, shaming, and reducing the associated harms can sometimes require quick action on the part of IT administrators.

Note: Emails via Gmail Gopher are still retained for legal purposes according to your  Google Vault retention rules.

How it works...

1. Administrator uses Email Log Search feature within G Suite Admin console to identify the offending messages and recipients, exports as CSV file.  Learn more about how to user the Email Log Search.

export-log-search-results.png

2. CSV file is selected via Gmail Gopher sidebar. 

Screen_Shot_2018-01-29_at_1.34.28_PM.png

 

 

3. CSV summary preview is provided.

Screen_Shot_2018-01-29_at_1.34.57_PM.png

 

 

4. Logs data is transformed (de-duplicated and scrubbed) and loaded to a tab named Emails to Purge.  From here, the user can further refine the selected emails for deletion using Sheets Filters.

Screen_Shot_2018-01-29_at_1.35.55_PM.png

5. Prior to running the deletion job, the user is provided a full preview (including a text representation of the email body and attachments) of each unique message, as well as the ability to select deletion for recipients and sender (if the sender is internal to the domain).

Screen_Shot_2018-01-29_at_1.45.20_PM.png

6. A high-level summary is provided, as well as a Sheets-filterable Status note on each message-recipient combination within the Sheet.

Screen_Shot_2018-01-29_at_1.47.30_PM.png

Screen_Shot_2018-01-29_at_1.48.50_PM.png

7. Activity logs are global to the domain, and capture all preview and deletion activity performed by users.  For the sake of transparency, activity logs can be exported to Sheets by any other super-administrator.

Screen_Shot_2018-01-29_at_1.54.20_PM.png