Encrypted Data Recovery

Ontrack has security clearances for many government organisations and is trusted by hundreds of organisations to handle and recover encrypted data.

Ontrack Data Recovery engineers have the experience to recover encrypted media and files. Furthermore, Ontrack Engineers use best practices for data security protocols to ensure data privacy through all stages of the data recovery process.

Your recovered data is re-encrypted before it is returned to you, ensuring that your critical data is not at risk after the recovery process.

How Encrypted Data Recovery Works

Hardware encryption will not prevent data extraction, however the username and password used for the device or data will be required for data decryption.

For encrypted storage hard disk drives or encrypted file ‘containers’, please be prepared to provide encryption information to your Ontrack Data Recovery services representative. This will prevent any delays in performing the data recovery.

Important: Successful recovery of any email application requires that the files are stored locally on your computer, mobile phone, tablet or smartphone.

The Recovery Process of an Encrypted Hard Disk Drive

Recovering from hard disk drives that are encrypted follows the same handling procedures as all other magnetic media. A strict process of handling and documentation starts right at the shipping door upon drive receipt and ends when the drive is shipped back to the customer. The process consists of the following high-level steps:

  • Triage drive; determine faults without opening drive.
  • Clean room escalation for physical or electronic damage.
  • Secure original media.
  • Sector-by-sector copy of drive data.
  • User Key used to decrypt data.
  • Produce file listing of user file names.
  • Repair file system.
  • Prepare data for delivery.
  • Encryption options for data delivery.

After the first four stages listed above, the recovery engineer will begin to map all key file system structures that point to the user files. However, if the hard disk drive is encrypted, then the drive needs to be decrypted in order to proceed.

Click here for more information about our data recovery process.


If the hard drive is encrypted, a user key or decryption password is required. Instead of using a master password for decryption, most professional encryption software provides a technician level pass-phrase that changes on a daily basis. This protects the user’s password and the organisation’s master password.

Many organisations are comfortable providing these one-time use pass-phrases so that the recovery work can continue. However, this is not always the case. For some organisations, providing this information to an outside vendor, such as a data recovery provider, is against their security policy. In these situations, a successful recovery is still possible.

The data can be left in its encrypted form throughout the entire process. In this case, the data will be recovered and sent back to the client in its encrypted form; however, the specific results will be unknown until the files are opened by someone with access to the encryption key. Ultimately, this limits the ability for a data recovery provider to communicate the success of the recovery until the recovered data is delivered and opened, thereby placing some burden back on the customer.

Data Recovery Service Options for Encrypted Data

If your organisation’s security policies do not have a provision to release encryption passphrases, passwords, or other administrator information, Ontrack has other options available including on-site data recovery, remote data recovery and client-attended data recovery.