Storm season is back, bringing with it the potential for significant weather events. If you have clients in areas prone to infrastructure disruption, visit the Disaster Recovery Resources guide for preparedness information. Datto recommends performing proactive disaster recovery testing to mitigate potential downtime. See our articles about the importance of disaster recovery testing and Preparing For A Cloud Virtualization Test: Policies, Procedures, And Partner Responsibilities to learn more. For live updates, follow @datto on Twitter.

Bitlocker Considerations



This article explains BitLocker Drive Encryption, a data protection feature that integrates with the operating system and addresses the threats of data theft or exposure from lost, stolen, or inappropriately decommissioned computers.


  • BitLocker uses a special chip on the motherboard called a Trusted Platform Module (TPM). It is designed to unlock your encryption key only after confirming that your bootloader program hasn’t been modified. When inside of a local virtualization, the TPM will no longer be accessible, so locking drives again with bit locker will require adjusting the group policy settings. This is also the partner’s responsibility.

  • Partners who run local virtualization with BitLocker should know that Microsoft does not officially support BitLocker on partitioned virtual disks, but VMWare has a reference article.
  • The Datto solution backs up the data in its current encryption state.  If it is backed up decrypted, then it will be restored decrypted. For this reason, Datto recommends using encrypted agents as an added layer of security.
  • Since BitLocker happens on a software / Operating System layer it is important to note that Datto will only be able to restore the layers that were already configured by the user. Datto is in no way responsible for the user losing their keys / passphrases for BitLocker. 
  • Upon restore, BitLocker's state will be the same as when it was backed up. If it is unlocked on backup, it will be unlocked upon restore and potentially vulnerable. This is why Datto recommends using encrypted agents when protecting machines with BitLocker. 


Was this article helpful?

0 out of 0 found this helpful

You must sign in before voting on this article.

Want to talk about it? Head on over to our Community Forum!