- This topic has 15 replies, 3 voices, and was last updated 1 month, 1 week ago by
.
- Posts
Hi,
I have a Windows 10 laptop with C drive encrypted using bitlocker.
I need to perform regular backups onto an USB drive. I need two things:
– granular file backups. I suspect using built-in windows backup tool since for online backups the data is accessible.
– Disaster recovery backup. This part is the cumbersome part since I am finding that tools like Acronis need to disable bitlocker before performing a DR backup. This is far from ideal because that means to regenerate bilocker recovery passwords.
Any experiences?
Miguel, you have to distinguish between DR tools that work on the file level and block-based backup tools. File level tools usually need to run within a Windows session of the installed OS which means they run under the privileges of an authenticated user. They have access to the files as any other application. Block-level tools usually come with their own OS and therefore need to disable BitLocker first. I previously worked with Acronis but I found it too complicated for daily backups.
In any case you have to make sure that you store the BitLicker recovery keys on an external device. You will need them in case of a DR. It also very important that you simulate the DR case. Most DRs fail because admins realize too late that their solution is not working. You can simulate DRs in a virtual environment.
Thanks for answering so quickly.
I know all that. I was assuming that I could backup sector by sector as DR backup. Clonezilla claims it can do it.
Of course I am working on testing DR and a procedure before going on production.
I was just giving the whole picture and try to generate a debate and get some inputs.
Regenerating bitlocker passwords for DR every month or quarter I find it a little bit time consuming and error prompt
Thanks
