A continuous back-up system should be enough --as long as it doesn't have the smarts to reset the encryption pwd on the backup set.