In our storage and other forums as posts show up where the machine fails and they never had a backup and the "Encryption" works all too well.
On top of that you added another layer. There's a lesson here that I wonder if you'll learn first hand. I'll share it in the form of a question.
Where is the unencumbered, non encrypted backup?
My system: Sony Vaio AR790U/B Notebook PC Vista Ultimate.
After doing a lot of research, I found what I believe to be one of the best security setups, for my laptop.
First I replaced the Vaio?s 2 Seagate RAID hard drives my laptop came with, for 2 Hitachi TravelStar 160GB hard drives that have hardware encryption built-in (Hitachi Bulk Encryption). The Bulk Encryption is activated by simply creating a password on boot in the BIOS. Once you create a password in BIOS, the entire hard drive is encrypted.
The encryption key, is linked to the BIOS and cannot be removed or stored anywhere else. If the hard drives are removed from the notebook, they will not be readable by any other windows, Linux or any system. So in other words, the BIOS of my VAIO, holds the encryption key and if the VAIO and hard drive are separated from one another, then the data can?t be accessed even with my password. What?s amazing about the Hitachi TravelStar drive, is that the Bilk Encryption does NOT slow down my system at all in regards to performance. Furthermore, it?s actually faster because it?s running at 7200rpm rather than 5400rpms, as the stock hard drives were rated at. Also the Hitachi 7200rpm drives use less power than a comparable 5400rpm drive from Seagate. I?ve had the Hitachi drives installed for a few months now and all is perfect.
Now on top of the Hardware based encryption, I went one step further and installed TrueCrypt 6.0a and did a full system encryption. I?ve been told that my system, should be just a bit slower, but I honestly have not noticed. The TrueCrypt full system encryption has worked very well, as in no issues or crashes of any kind. TrueCrypt requires you make a boot up CD, in case of corruption of the software. So Should TrueCrypt fail to work on boot up, you can use the CD, but you?ll still need to enter your password. I also do a weekly backup of all my data (using the AMAZING SyncBackSE), to an external USB 2.0 drive (which is entirely encrypted by TrueCrypt as well, and stored in a small fireproof safe).
This security setup means that, each time I start my Laptop, first the BIOS password entry field pops up 5sec after pressing the power button. Immediately after entering that password, TrueCrypt?s password entry field comes up; I enter that password (same long password as the one for BIOS, but with a small modification). And then windows loads up and everything remains decrypted, until I simply shut down windows, and then everything becomes encrypted again and it?s all very quick, as if nothing is going on.
Now my only complaint, is that even though my long passwords, are easy for me to remember and input; I would very much like it if I could, have a USB biometric fingerprint reader, that I could just insert and have it enter the BIOS and TrueCrypt passwords for me. Sadly, it seems that there is no current technology, that would allow this, because Windows needs to boot before you can use a Biometric USB reader. If I?m wrong about this, I would love to hear of a possible solution to this?