Using BitLocker to securely store data in the cloud
Say you have a laptop running Windows 7 that has a lot of sensitive personal data stored on it, say several hundred megabytes of personal files. The data on the laptop is encrypted using BitLocker, and you want to safely store your personal data in the cloud using Windows Live SkyDrive. Unfortunately, if you simply upload the encrypted data using SkyDrive, it will be stored in the cloud in unencrypted form, which means it could be read by whoever has administrative access to the cloud where SkyDrive data is stored. How can you make sure SkyDrive administrators can't read your personal data?
You could do something the following:
- Use the Disk Management snap-in of Computer Management to create a virtual hard disk (VHD) of size 1GB.
- Use Disk Management to initialize the VHD, then create and format a new simple volume enabling file and folder compression on the volume.
- Open the BitLocker utility from Control Panel and protect the volume using a password.
- Create a daily or weekly task using Task Scheduler that dismounts the VHD and uploads it to the cloud using SkyDrive.
Note that Skydrive can maintain up to 20 backups of your VHD before your backup job starts discarding the oldest backup.
Mitch Tulloch is a Microsoft Most Valuable Professional (MVP) and widely recognized expert on Windows administration, deployment and virtualization. For more tips by Mitch you can follow him on Twitter or friend him on Facebook.