Do I Need the Trusted Platform Module?
This is a question many have probably asked as they pondered the purchase of a new Tablet PC. Most of the major Tablet PC manufacturers (Dell, HP, IBM, Toshiba, Fujitsu, Gateway and Acer) already have models with the TPM inside or plan to release models with the TPM in the not-too-distant future. Industry analysts believe the chip may be in almost every computer by the end of the decade.
So what exactly is the TPM? Put simply, the TPM is a small chip that provides an encrypted environment to store passwords and other security and authentication information. The TPM, in conjunction with software, validates authentication information such as biometrics and passwords, ensuring that only authorized users have access to the data contained on the Tablet PC.
The TPM was developed by a standards organization known as the Trusted Computing Group and is not based on any one company’s proprietary hardware or software.
What the TPM brings to the party is security based in hardware, not just software (which can be easily cracked). The module has special features which make it inaccessible to hackers or unauthenticated users.
As an example, before the advent of the TPM (Trusted Platform Module), Windows-based Tablet PCs had a gaping security hole: the password used to access a password-protected Tablet PC was stored in clear text on the machine, which made it very easy for a hacker to gain access to the machine. With the TPM, the password can be stored in an encrypted format in the TPM, making it virtually impossible for an unauthorized user to derive the password.
Passwords are the most widely used form of authentication but often one of the weakest, because people use passwords that are too weak or leave them static for too long. The TPM, in conjunction with a software program, can help the user create a robust password and ensure that the password is replaced at regular intervals. The TPM can also allow for multi-factor authentication, such as password and biometric together.
Another example would be if you were using encryption software to encrypt certain data on your Tablet PC. While this provides you with a certain level of security, the key to the encrypted data is still being stored on the machine with the data and is therefore vulnerable to being cracked should your Tablet PC be lost or stolen. With a TPM, the encryption key would be stored in encrypted format on the chip itself, making it virtually impossible to crack.
A TPM-capable Tablet PC can also simplify logging into websites or applications by automatically saving and providing secure, complex passwords. The passwords are protected by the TPM, which provides a high level of security.
The TPM chip is only one side of the security equation, though. Without complementary software, the chip’s functionality is useless. Independent software vendors are developing standards-based software that is optimized for the TPM platform. Most manufacturers that offer the TPM chip in their machines also bundle software to go with it.
The whole concept of the TPM is still in its infancy, and no one yet knows how it will develop. Industry experts foresee the TPM making its way into all manner of devices such as USB drives, tape drives, and cell phones.
So, to answer the question posed in the title: in a nutshell, yes. If you’re a corporate Tablet PC user, chances are your IT department has already equipped you with TPM Tablets. If you’re a home user, well, with identity theft on the rise, these days it’s not just rocket scientists and captains of industry that need to keep their data secure.
A TPM module usually adds little to the retail price of a computer. Considering the security gains you get, it’s almost always worth the few extra dollars. However, the important thing to remember is that security requires an active user. Just buying a Tablet PC with TPM inside won’t keep you secure unless you use the included software and follow good security practices.