Solved

Upgrade internal PGP-encrypted boot drive?

Posted on 2013-11-09
5
432 Views
Last Modified: 2014-02-21
I have an internal solid state HD in my Windows 7 64-bit laptop, and I need to replace it with a bigger one. There are four partitions on the drive. The C: drive that it boots to is not encypted, but the others are (i.e., the data partitions). If I use a cloning utility, what will happen to the encrypted partitions? Those partitions are fully backed up so I do have the option on not cloning them, and just restoring the data later.

Also, how do the partition sizes get set on the new HD? Wiull I have to expand them after cloning them? My system partition is the one that is almost full.
0
Comment
Question by:bnchester
  • 2
  • 2
5 Comments
 
LVL 62

Expert Comment

by:btan
ID: 39636770
A backup product that does raw (sector-by-sector) backup can also backup a PGP encrypted system partition, although only when booting from its own boot media.

In particular, casper creates a complete backup of an encrypted drive that retains all of the encrypted data in its original encrypted state, also duplicates an encrypted drive to a larger drive without requiring a laborious and time consuming backup, restore, and re-encryption process.

Importantly, it creates or restores an encrypted backup to a drive that is either smaller or larger than the original.

http://www.caspersecure.com/
0
 

Author Comment

by:bnchester
ID: 39636956
This looks good. So I clone to a 2.5" drive via an external HD enclosure, then just put that drive into the laptop and I'm ready to go?

Followup: I use ShadowProtect to back up my data (and system drive) to a network share, and this seems to have a lot of the same capabilities as Casper. Since the system partition ITSELF isn't encrypted, just the data, might that work?
0
 
LVL 62

Accepted Solution

by:
btan earned 100 total points
ID: 39636994
Plain partition should be as per norm recovery and backup. I did not know about shadowprotect in specific. Also note if the encryption used TPM chip on the  source machine then the key cannot be migrated to another, it needs to be decrypted
0
 
LVL 53

Assisted Solution

by:McKnife
McKnife earned 100 total points
ID: 39638150
Hi.

We did this type of migration many times with PGP WDE 10 fully encrypted disks.
We used drive snapshot ("DS")  http://www.drivesnapshot.de/en/index.htm to do it. After restoring the Image to the new drive, DS resizes the partitions. Reboot the System and re-encrypt it.

We also used clonezilla which does what breadtan mentioned: sector-copying the drive, so we keep it encrypted. Problem: what would clonezilla do with the encryption? Of course it cannot encrypt, so the partitions would have to be extended after cloning... a process which is not supported by PGP. So the best way I see to stretch partitions is doing an image copy as with drive snapshot and then re-encrypt.
0
 
LVL 53

Expert Comment

by:McKnife
ID: 39877781
Please respond or finalize it, this question is growing old :) I think it was obviously solved.
0

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

As a financial services provider, your business is impacted by two of the strictest federal regulations on record: the Sarbanes-Oxley Act and the Gramm-Leach-Bliley Act. Correctly implementing faxing into your organization to provide secure, real-ti…
When the confidentiality and security of your data is a must, trust the highly encrypted cloud fax portfolio used by 12 million businesses worldwide, including nearly half of the Fortune 500.
With Secure Portal Encryption, the recipient is sent a link to their email address directing them to the email laundry delivery page. From there, the recipient will be required to enter a user name and password to enter the page. Once the recipient …
A simple description of email encryption using a secure portal service. This is one of the choices offered by The Email Laundry for email encryption. The other choices are pdf encryption which creates an encrypted pdf of your email and any attachmen…

910 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

21 Experts available now in Live!

Get 1:1 Help Now