Solved

Upgrade internal PGP-encrypted boot drive?

Posted on 2013-11-09
5
435 Views
Last Modified: 2014-02-21
I have an internal solid state HD in my Windows 7 64-bit laptop, and I need to replace it with a bigger one. There are four partitions on the drive. The C: drive that it boots to is not encypted, but the others are (i.e., the data partitions). If I use a cloning utility, what will happen to the encrypted partitions? Those partitions are fully backed up so I do have the option on not cloning them, and just restoring the data later.

Also, how do the partition sizes get set on the new HD? Wiull I have to expand them after cloning them? My system partition is the one that is almost full.
0
Comment
Question by:bnchester
  • 2
  • 2
5 Comments
 
LVL 62

Expert Comment

by:btan
ID: 39636770
A backup product that does raw (sector-by-sector) backup can also backup a PGP encrypted system partition, although only when booting from its own boot media.

In particular, casper creates a complete backup of an encrypted drive that retains all of the encrypted data in its original encrypted state, also duplicates an encrypted drive to a larger drive without requiring a laborious and time consuming backup, restore, and re-encryption process.

Importantly, it creates or restores an encrypted backup to a drive that is either smaller or larger than the original.

http://www.caspersecure.com/
0
 

Author Comment

by:bnchester
ID: 39636956
This looks good. So I clone to a 2.5" drive via an external HD enclosure, then just put that drive into the laptop and I'm ready to go?

Followup: I use ShadowProtect to back up my data (and system drive) to a network share, and this seems to have a lot of the same capabilities as Casper. Since the system partition ITSELF isn't encrypted, just the data, might that work?
0
 
LVL 62

Accepted Solution

by:
btan earned 100 total points
ID: 39636994
Plain partition should be as per norm recovery and backup. I did not know about shadowprotect in specific. Also note if the encryption used TPM chip on the  source machine then the key cannot be migrated to another, it needs to be decrypted
0
 
LVL 54

Assisted Solution

by:McKnife
McKnife earned 100 total points
ID: 39638150
Hi.

We did this type of migration many times with PGP WDE 10 fully encrypted disks.
We used drive snapshot ("DS")  http://www.drivesnapshot.de/en/index.htm to do it. After restoring the Image to the new drive, DS resizes the partitions. Reboot the System and re-encrypt it.

We also used clonezilla which does what breadtan mentioned: sector-copying the drive, so we keep it encrypted. Problem: what would clonezilla do with the encryption? Of course it cannot encrypt, so the partitions would have to be extended after cloning... a process which is not supported by PGP. So the best way I see to stretch partitions is doing an image copy as with drive snapshot and then re-encrypt.
0
 
LVL 54

Expert Comment

by:McKnife
ID: 39877781
Please respond or finalize it, this question is growing old :) I think it was obviously solved.
0

Featured Post

Complete VMware vSphere® ESX(i) & Hyper-V Backup

Capture your entire system, including the host, with patented disk imaging integrated with VMware VADP / Microsoft VSS and RCT. RTOs is as low as 15 seconds with Acronis Active Restore™. You can enjoy unlimited P2V/V2V migrations from any source (even from a different hypervisor)

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Provide an easy one stop to quickly get the relevant information on common asked question on Ransomware in Expert Exchange.
Worried about if Apple can protect your documents, photos, and everything else that gets stored in iCloud? Read on to find out what Apple really uses to make things secure.
The Email Laundry PDF encryption service allows companies to send confidential encrypted  emails to anybody. The PDF document can also contain attachments that are embedded in the encrypted PDF. The password is randomly generated by The Email Laundr…
The Email Laundry PDF encryption service allows companies to send confidential encrypted  emails to anybody. The PDF document can also contain attachments that are embedded in the encrypted PDF. The password is randomly generated by The Email Laundr…

770 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question