Bitlocker Technical Questions

Mallory Anderson 21 Reputation points
2021-06-15T16:02:09.667+00:00

Hello,

I have some questions about BitLocker:

  1. If a drive has BitLocker Encryption, but it is not enabled, and the drives are then duped using a drive duper, is there any risk to the data on the drive or does that only ensue once BitLocker is enabled on a specific hardware chassis?
  2. To duplicate a drive, it appears you must unlock/disable/decrypt before duping. If you have a drive with BitLocker encryption not enabled, can you use that drive to dupe over a drive that is BitLocker enabled, or will it brick the drive?
  3. How are the keys associated? Does it come once the drive is associated to the TPM module in the chassis, or is it based on the drive itself?
Windows 10 Security
Windows 10 Security
Windows 10: A Microsoft operating system that runs on personal computers and tablets.Security: The precautions taken to guard against crime, attack, sabotage, espionage, or another threat.
2,887 questions
{count} votes

Accepted answer
  1. Percival Yang 721 Reputation points
    2021-06-16T03:42:18.767+00:00

    Hi,
    Before we go. You should pay attention to many things before using bitlocker, you should backup any important data before performing experiment.

    If not enabled means you haven’t turn bitlocker on, certainly there is no risk doing question 1&2.

    If not enabled means bitlocker is being disabled which appears automatically unlock each time but still under encryption.
    As to question 1:
    No need to worry data only if have recovery key, but we suggest you to decrypt the disk and do the duplication, any accidents during duping will lead to serious outcome.

    As to question 2:
    You mean that duplicate an encrypted disk to another encrypted disk (status: disabled)
    It’s risky and we don’t suggest this operation especially using third party tool, to use native Microsoft backup tool requires decrypting target Disk at first, then select the disk to store the backup,

    As to question 3:
    It depends on whether your Device has TPM and how your GPO is configured. Here‘s GPO location:
    Search→edit group policy→Computer Configuration→Administrative Template→Windows Components→Bitlocker Drive Encryption.

    Hope above information can help you.

    ============================================
    If the Answer is helpful, please click "Accept Answer" and upvote it.


0 additional answers

Sort by: Most helpful

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.