Having bitlocker encryption enabled on your portable device adds a layer of security against snooping in situation when you lose or misplace it. Without password, the drive is encrypted and inaccessible even if it is booted using an alternative bootable media.
Active Directory or Azure AD joined devices will have their keys backed up directly once enabled either to your AD server or to Microsoft Azure.
For laptops or PCs with local account, backing up your Bitlocker key is essential in securing your data from changes to hardware or hardware issues. Without the associated ID and recovery key, any system failure or changes may render your encrypted data inaccessible.
The recovery information may also be backed up to user’s personal Microsoft account and administrators may have to take extra precaution to keep a secondary copy in situation where the user forgets their Microsoft account information or has already left the organization.
- To backup your key, go to Control Panel in Search.
2. Set view as large icon from dropdown list.
3. Search and click on Bitlocker Drive Encryption option
4. Click Back up your recovery key
5. Bitlocker key can only be backed up to another drive or shared folder for “Save to a file” option. (Saving encryption key on encrypted drive will cause the saved key to be inaccessible if anything goes wrong thus defeating the purpose of backing it up.)
Backing up your keys to your personal Microsoft account or to Azure AD allows easy access and access to your data in event that there are changes to your hardware setup or when you need to access your data on an another device.