How to back up an encrypted disk using BitLocker by Phoenix Agent
This article applies to:
- OS: Windows
- Product edition: Phoenix
BitLocker drive encryption is a data protection feature of the operating system that was first made available in Windows Vista.
- When integrated with the operating system, BitLocker addresses the threats of data theft or exposure from lost, stolen, or inappropriately decommissioned computers.
- BitLocker is a drive-level encryption and not a file-level encryption. Hence, hence when enabled, the access to the entire drive is restricted.
- BitLocker works based on a password encryption whereas EFS works on the basis of certificate-based encryption.
Configurations required for Phoenix backup with BitLocker enabled
- Scenario 1: BitLocker enabled on devices with a single drive (C:\ as OS volume): Since BitLocker has a drive-level encryption, the drive is unlocked when the OS is up and running. Hence, BitLocker does not hamper the functionality of Phoenix and the backups complete successfully.
- Scenario 2: BitLocker enabled on one or more drives of each device having multiple drives: The OS volume backups of drives enabled with BitLocker complete successfully. The rest of the drives must have auto-unlock enabled during the authentication process while setting up BitLocker for the drives. If auto-unlock is not enabled, the drives remain encrypted even after boot-up. If the drives are configured for backup, Phoenix cannot back up the drive as they are encrypted.
Enable seamless backup from servers with BitLocker encryption
- Open Control Panel on the host system.
- Click the BitLocker Drive Encryption icon.
- The BitLocker configuration page opens. The page displays all the drives, with their respective configuration status. Different options for the OS volume and additional drives are also displayed.
- Find the Turn on Auto Unlock for non-OS drives and enable the option. This ensures the drive is accessible to Phoenix for backup every time the user boots the device.