1)What are the steps to reduce the risk of corruption and failures?
Truecrypt does not add or take away any risk of corruption or drive failure, other than:
- If the Truecrypt volume header at the beginning of the disk gets overwritten, the volume is unrecoverable. Do what Truecrypt says and make a recovery disc and store it in a safe place.
- If you forget your passphrase, the volume is unrecoverable. Do not forget your passphrase.
2)What are the risks? Do you recommend full encryption or not, considering the backups? Any detailed explanation, article or comment will be much appreciated.
- Full disk encryption will prevent an adversary from reading the contents if the hardware is powered off at the time of the theft, or they power it off and try to read the drives later or in another machine. That's it. It will not add redundancy to your data. It will not enable you to recover deleted files more than you can now. It will not decrease the likehood of sudden hardware failure.
3)I've read here that Acronis and TrueCrypt aren't fully compatible (like you can backup only at container file level. Someone can elaborate? I've found ssome questions here, but nothing really clear.
- If your backup tool can back up raw partitions without caring or understanding about the filesystem in them, the tool, whatever it is, can be used to back up TrueCrypt partitions. The resulting file will be incompressible and will be near to the full size of the partition, you won't get the benefits of compression that can result if the tool can understand the filesystem within the partition.
4)Will TrueCrypt mess up with big files (iso images? Visual studio setup? SQL Server setup?) since it puts unencrypted files in ram? I have 3GB ram, should I not do this?
- TrueCrypt works on the block level, not file level. It is unaware and uncaring of anything you are writing to the disk other than Windows is telling it to read/write sectors, sort of like an ATA or RAID controller driver. NTFS, FAT, and other filesystems reside above TrueCrypt in the I/O stack.