Your computer is full of confidential data, hard work, and critical information. Hackers, thieves and scammers are itchy to get their fingers into this treasure trove.
Huge strides in systems security have been made in the past several years, yet experts put global economic damage from digital risks exceeding a record-breaking $500 billion in 2004.1
The barrier standing between your crucial assets and malicious intruders is about to get better.
Since 1999, a core group of leading PC manufacturers, hardware and software vendors have been hard at work creating a hardware-enabled standard for improving the security of every type of computer-from desktop and laptop PCs, to handhelds and other devices. This group, the Trusted Computing Group (TCG) has combined expertise from more than 100 companies including Dell, Intel, AMD, Microsoft, HP and Wave Systems. The resulting breakthrough is a hardware security chip called the Trusted Platform Module (TPM), which helps ensure that your computer, no matter where you are using it, is more secure even if stolen or lost.
Tens of millions of TPM chips have already quietly shipped, and “Trusted Computing” capabilities are now embedded in computers worldwide. Observers say that TPM deployment is on the verge of exploding, with IDC estimating that by 2007, up to 55% of computers shipping worldwide will contain TPMs. When leveraged with appropriate software, Trusted Computing offers protection from identity theft, information leakage, sensitive data exposure and other security risks, making your computer-and your business-more secure.
Today, most computers rely solely on software to shield their data-passwords, data encryption, firewalls-but, the software is inherently insecure, as seen through almost constant attacks, providing ample room for theft, hacking and data loss. The Trusted Computing model allows for the standards of software security to be amplified by the newly intrinsic secure hardware.
A common and very real threat is that data stored on a PC will be accessed by unauthorized persons. The consequences of unauthorized access can include legal penalties (exposure of customer personally identifiable information), competitive disadvantage, embarrassment, fraud and extortion. The management of the platform data is a responsibility of the business. Data security solutions provided by TPM and the suitable software enable owners of data and applications to impose strict controls on who may access and use those assets.
It is critical that enhancing data security not compromise functional integrity. The new wave of encryption appearing through Trusted Computing ensures that data, in any format, is both accessible and more secure. This includes transparency for the end user-the data remains encrypted without constant action from the end user, and authenticated access.
Authentication via passwords is the standard model used today, for everything from Web site access to transaction authorization. But, passwords are only as secure as a hacker’s ability to guess, record keystrokes, or fraudulently obtain them. Experts blame weak and insecure passwords for unauthorized financial transfers, privacy breaches, identity theft and even the hacking of corporate networks.
Trusted Computing eliminates this threat by adding a second factor of authentication that strengthens the entry point to the PC, application, network, or data being accessed. If the password is stolen, it is useless-the password alone is not enough to gain access to a Trusted Computer’s valuable data.
Included in the valuable data is information that allows hackers to steal your customers’ identities. As identity theft and unauthorized access reach unprecedented levels, businesses and consumers are devising stronger means to safeguard personal identities, specifically to combat great vulnerability that lies with electronic identities.
Digital certificates are commonly used as proof of identity for access to networks, data and services. The keys tied to certificates are also the basis for digital signatures. Theft of a digital certificate allows substantial opportunity to commit crimes of fraud and unauthorized access. Fraud or forgery using a stolen digital signature is not easy to prove. Since a digital certificate could be stolen by making a copy of it, it could take the owner some time to realize a theft had occurred. It is extremely important to provide the best possible security around the storage and use of digital certificates. Using Trusted Computing standards for hardware-protected digital certificates provides a safeguard against theft, by storing cryptographic keys and other data securely and away from traditional storage.
Perhaps one of the most critical features of the TPM is the flexibility it offers businesses and their mobile employees. Secure authentication makes sure that you-and no unauthorized users-have access to your system and its services. Through the integration of a trusted platform into a corporate network, a company can ensure better and stronger platform identity. For example, when an employee works externally or accesses a corporation’s network remotely, the company can control the access from outside sources, monitoring the identity of every platform and only allowing valid users logging in from valid platforms to sign-in. Secure authentication means continued productivity without sacrificing security.
Finally, a core function of the TPM is to be able to measure the key software components such as the operating system and security software running on the personal computer in order to determine if they are still in a known and trusted state. This will enable better detection of viruses, trojans, and systems which have been compromised by attacks. Knowing the trustworthiness of platforms is a key requirement for allowing remote systems into corporate networks and participating in high value transactions and sensitive web services.
The vision of an industry standard for security has been forming for years. We are now on the cusp of its fruition, with shipments of TPM-enabled computers having reached a critical mass to where users can “flip the switch” and recognize the benefits that come from cutting-edge security hardware welded right to the motherboard of their computers. Powerful software is now available to leverage the increased protection, introducing a whole new era of security. Hacker’s jobs are about to get a lot harder-with improved security built in directly, computers can finally more effectively secure and protect themselves.
This is a compelling case to suggest that all PC purchases going forward should be Trusted Computers.
1 (Source: Digital risk damages as calculated by the mi2g Intelligence Unit, February 16, 2005).
The Trusted Computing Group (TCG) is a not-for-profit organization formed to develop, define, and promote open standards for hardware-enabled trusted computing and security technologies, including hardware building blocks and software interfaces, across multiple platforms, peripherals and devices. TCG specifications enable more secure computing environments without compromising functional integrity, privacy, or individual rights. The primary goal is to help users protect their information assets (data, passwords, keys, etc.) from compromise due to external software attack and physical theft. For more information, visit www.trustedcomputing.org .
Steven Sprague is president and CEO of Wave Systems Corp., the leader in delivering trusted computing applications and services with advanced products, infrastructure and solutions across multiple trusted platforms from a variety of vendors. A pioneer of the Trusted PC movement, Sprague has spoken and presented at more than 50 industry events, sharing his expertise on trusted computing applications and services. Wave Systems holds a portfolio of significant fundamental patents in security and e-commerce applications, and employs some of the world’s leading security systems architects and engineers. For more information on Wave Systems and trusted computing solutions, visit www.wavesys.com.
