Data recovery from hard disk drives failures that are encrypted follows the same handling procedures as all other magnetic media. A strict data recovery process of handling and documentation begins right at the shipping door upon drive receipt and finishes when the drive is shipped back to the customer.
In most cases, when working with a top data recovery provider, all recovery processes are logged from start to finish. These results in an audit trail of the data recovery history and serve the verification that the recovery was conducted in a secure, professional compliant manner. Specifically, you must to ensure the process consists of the following high-level steps:
1. Triage drive; determine faults without opening drive
2. Clean room escalation for physical or electronic damage
3. Secure original media
4. Sector-by-sector copy of drive data
5. User Key used to decrypt data
6. Produce file listing of user file names
7. Repair file system
8. Prepare data for delivery
9. Encryption options for data delivery
After the first four stages listed above, the recovery engineer will begin to map all key file system structures that point to the user files. However, if the hard disk drive is encrypted, then the drive needs to be decrypted in order to proceed.
Decryption
If this is the case, a user key or decryption password is required. Fortunately, encryption software has come a long way over the years. Besides using a master password for decryption, most professional encryption software provides a technician level pass-phrase that changes on a daily basis.
Most organizations are much comfortable by providing these one-time use pass-phrases so that the recovery work can continue. However, this is not always the case. For most organizations, providing this information to an outside professional, such as a data recovery provider, is against their security policy. In these situations, a successful data recovery is still possible.
There are Data recovery companies that can perform recoveries while leaving the data in its encrypted form throughout the entire process. In this case, the data will be recovered and sent back to the client in its encrypted form; however, the specific results will be unknown until the files are opened by someone with access to the encryption key.
Ultimately, this limits the ability for a Data recovery provider to communicate the success of the recovery until the recovered data is delivered and opened, thereby placing some burden back on the customer.
As a result, it is very much clear that significant time and cost savings are associated with allowing your recovery vendor to access your one-time use pass-phrase codes while attempting to recover your encrypted data. At the same time, it's critical to ensure that your selected vendor also understands security protocols, is knowledgeable about encryption products and has privacy policies in place.
In most cases, when working with a top data recovery provider, all recovery processes are logged from start to finish. These results in an audit trail of the data recovery history and serve the verification that the recovery was conducted in a secure, professional compliant manner. Specifically, you must to ensure the process consists of the following high-level steps:
1. Triage drive; determine faults without opening drive
2. Clean room escalation for physical or electronic damage
3. Secure original media
4. Sector-by-sector copy of drive data
5. User Key used to decrypt data
6. Produce file listing of user file names
7. Repair file system
8. Prepare data for delivery
9. Encryption options for data delivery
After the first four stages listed above, the recovery engineer will begin to map all key file system structures that point to the user files. However, if the hard disk drive is encrypted, then the drive needs to be decrypted in order to proceed.
Decryption
If this is the case, a user key or decryption password is required. Fortunately, encryption software has come a long way over the years. Besides using a master password for decryption, most professional encryption software provides a technician level pass-phrase that changes on a daily basis.
Most organizations are much comfortable by providing these one-time use pass-phrases so that the recovery work can continue. However, this is not always the case. For most organizations, providing this information to an outside professional, such as a data recovery provider, is against their security policy. In these situations, a successful data recovery is still possible.
There are Data recovery companies that can perform recoveries while leaving the data in its encrypted form throughout the entire process. In this case, the data will be recovered and sent back to the client in its encrypted form; however, the specific results will be unknown until the files are opened by someone with access to the encryption key.
Ultimately, this limits the ability for a Data recovery provider to communicate the success of the recovery until the recovered data is delivered and opened, thereby placing some burden back on the customer.
As a result, it is very much clear that significant time and cost savings are associated with allowing your recovery vendor to access your one-time use pass-phrase codes while attempting to recover your encrypted data. At the same time, it's critical to ensure that your selected vendor also understands security protocols, is knowledgeable about encryption products and has privacy policies in place.