Trusted Platform Module (TPM)

By Stephen Bucaro

One of the best ways to keep your data secure is to encrypt it. Encryption involves the use of an encryption key, basically a huge number, that is used in a mathematical operation (called a cipher) performed on the original data. The encrypted result (called ciphertext) is unreadable to anyone who does not have the key used to encrypt it.

The problem with encryption is that the encryption key is vulnerable during the encrypting and decrypting stages of the operation. The TPM is an embedded security chip, usually installed on the motherboard, that stores encryption keys in a protected EEPROM. When the TPM stores encryption keys, it encrypts them so that they can be decrypted only by the TPM.

Because the TPM uses its own internal firmware and logic circuits for processing instructions, it is not exposed to operating system vulnerabilities.

TPM uses two classes of encryption keys: migratable and non-migratable. Migratable keys protect data that can be moved to another computer. If the user wants data restricted to a single computer, they can use a non-migratable encryption key.

TPM is initially disabled on a new PC. The user can enable TPM in the system's BIOS. In the BIOS screen select "Trusted Platform Module" and then select "Enable". Once TPM is enabled in the BIOS, a TPM management application should be setup, and the first task performed with this software should be to backup the encryption keys.

TPM Security Management Software

Several vendors provide TPM security management software. Wave Systems provides the Embassy Trust Suite, Dell provides the Control Point Security Manager, and Intel provides Active Management Technology.

These software provide such features as; list system devices and display their current security status, allow administrators to set login and document security, encrypt disks, and setup devices such as fingerprint readers and smart card controllers.

More information can be found in the Microsoft Technet article: Windows Trusted Platform Module Management Step-by-Step Guide

More Windows Administration Information:
• Social Engineering Attack Counter Measures
• Remove Spyware with Spybot - Search & Destroy
• Video - Protect Your Files with Free SafeHouseExplorer Encryption Application
• DriveLock Hard Drive Protection
• Five Critical Steps to Protect Your Personal Information and Computer
• Avoid the Indigestion of Cookies
• Five Things You Can Do To Improve Your Company's Security
• Ransomware and How To Protect Yourself
• Turn On Your Browser's Phishing Filter
• Keep Your Internet Browsing Private with InPrivate Browsing

Save Money with Refurbished, Pre-Owned, and Open-Box Products on Amazon Renewed For example this refurbished Lenovo Thinkpad T440 Ultrabook, 14 Inch Display, Intel Core 4th Gen i5-4300U 1.9GHz, 8GB RAM, 500GB, USB 3.0, WiFi, with Windows 10 Professional was only $227.55 with FREE Shipping. This Amazon Renewed product was professionally inspected and tested by an Amazon qualified supplier. Box and accessories may be generic. Product works and looks like new. Comes with a 90-day warranty. Click here to what kind of amazing deal you can get with Amazon Renewed.

RSS Feed

 Follow @Stephen Bucaro

 Windows Troubleshooting
 Basic PC Anatomy
 Computer Architecture
 Internet Security
 A+ Practice Exams
 Maintain, Upgrade PC
 Windows Tips
 Windows Administration
 Linux