Significance of TPM in Ensuring Enterprise Security

A Trusted Platform Module (TPM) is a specialized hardware chip in modern computers that isolates sensitive operations: key management (key generation/storage/isolation/usage restrictions/encryption/decryption), execution of cryptographic algorithms, secure boot, and remote attestation.

TPM is isolated from the rest of the device's hardware and operating system, providing a high level of protection against unauthorized access or tampering. TPM offers a foundation on which various secure applications can be built.

In simpler terms, TPM is secure because the private key on the TPM CAN’T be extracted but can be used in device attestation. The potential of this capability is huge. In other words, we can build a TPM-based solution so that we DON’T need to store credentials on sticky pads or file systems, assume that application memory can’t be dumped to steal passwords, or worry that someone might have copied credentials. TPMs are reliable.

Apple Pay already uses its proprietary version of TPM called Secure Enclave, and there are trillions of dollars in transactions every year using Apple Pay. Many enterprises use YubiKey, a TPM-based solution, for authentication. FIDO implementations leverage TPM. Windows Hello uses TPM. There are more.

So what changed, and why is this important now?

Data breaches are on the rise. The latest IBM Data Breach Report revealed that an alarming 83% of organizations experienced more than one data breach during 2022. In 2022, the global average cost of a data breach reached $4.35 million, while the number is more than double in the U.S., averaging $9.44 million. TPMs provide a foundation to avoid the majority of these breaches.

Though TPMs have been around since the early 2000s, they have become ubiquitous in recent years. Every modern laptop or smartphone has an inbuilt TPM chip. Enterprises are beginning to realize the value of TPM technology in securing their data. There are a few startups that are exploiting the potential of TPM. Procyon is one of them. Schedule a demo to learn about how we use TPM in our PAM solution.

