Beaverton, OR, USA, November 19, 2020 – Securing devices against rising security threats is critical to mitigate risks in today’s world of remote working and virtual meetings but can be challenging due to tight budgets. Unfortunately, many businesses fail to utilize the Trusted Computing features that are included in their PCs and other devices, leaving billions of devices vulnerable to threats, said Steve Hanna of Trusted Computing Group’s Technical Committee at the Endpoint Security eSummit today.
Speaking virtually at the Endpoint Security eSummit, Hanna highlighted that businesses cannot afford to forgo the security already bought and present in devices. All modern Windows PCs include a Trusted Platform Module (TPM) that can be used with built-in Windows features to prevent hackers from accessing information on the device. However, TPMs must be used to provide value – and this is something that gets overlooked by many.
“Forgetting to use your TPM is the equivalent of locking your car and leaving the keys in the door: it weakens your security and leaves your data vulnerable to theft,” Hanna added. “Users and administrators should take the time now to learn about the TPM and how they can use it. Otherwise, they are just wasting the money they spent on their PC!”
All modern Windows PCs are fitted with a TPM module; a standard component that protects the cryptographic keys used to encrypt hard drives and authenticate users so that hackers cannot gain access.
Beyond the TPM, most modern storage devices are Self Encrypting Drives (SEDs), whose hardware can encrypt the drive’s contents so that thieves can’t read any sensitive information stored on the device, even if they can get their hands on the device. Whilst TPMs and SEDs do not absolutely prevent security breaches, they provide strong hardware security capabilities that can be used to keep data more secure and protect user identity.
“The only thing stopping users from using the hardware security they already have is their lacking knowledge of how to use it,” continued Hanna. “Operators and authorities such as the National Cyber Security Centre are taking steps to promote the use of such measures, but it isn’t easy. TCG has made it our mission to make people aware of the capabilities of their own devices and help them use those capabilities more easily. TCG developed the standards for the TPM and SED. People have already purchased these devices. They should use them!”
Without utilising such built-in security systems, users are at risk of attacks. In 2018, losses due to such cybersecurity threats reached $8 billion – a 79% increase over the previous year. Such cases can be easily prevented by adopting readily available security, but are rising faster than user awareness.
“In an age of digital transformation, where computers have become even more essential, the emergence of never-before-seen vulnerabilities can be advantageous to criminals and costly to users,” Hanna concluded. “Threats to personal and corporate data are among the most common and invasive in the world of cybersecurity and preventing them has become a major concern as data pools expand – but the solution has been at the user’s fingertips all along.”
The Endpoint Security eSummit, organized by the CyberRisk Alliance, is taking place online on 18th November 2020. If you are interested in arranging a briefing with Steve Hanna about his presentation ‘Using the security you already bought – Trusted Computing’, please contact firstname.lastname@example.org.
TCG is a not-for-profit organization formed to develop, define and promote open, vendor-neutral, global industry specifications and standards, supportive of a hardware-based root of trust, for interoperable trusted computing platforms. More information is available at the TCG website, www.trustedcomputinggroup.org. Follow TCG on Twitter and on LinkedIn. The organization offers a number of resources for developers and designers at develop.trustedcomputinggroup.org.
+44 (0)1636 704 888