Data Recovery Agent (DRA)

Definition - What does Data Recovery Agent (DRA) mean?

A data recovery agent (DRA) is an individual who decrypts data that's encrypted by other users on a Windows operating system. Data recovery agents are assigned and authorized Windows users who can decrypt any or all users' data, typically in case of disaster, emergency or a system crash.

[WEBINAR] Plan for Success: Using Process Models to Achieve Business Goals

Techopedia explains Data Recovery Agent (DRA)

DRA is primarily used in enterprise networking environments with many different end user workstations managed centrally through a Windows Server. Generally, the role of DRA is performed by the network/system administrator. Typically, the DRA is defined and configured at each domain, network or at machine level within Windows Group Policy and Active Directory.

Except in Windows 2000, where the local administrator is the default DRA, Windows XP, Windows, Windows Server 2003 and above all require the administrator to create a recovery agent certificate/smart card certificates or public key. The recovery agent certificate/key must be created prior to data encryption or the data cannot be decrypted by the DRA.