What is TPM: Why are Trusted Platform Modules important

Windows 11
(Image credit: Microsoft)

Windows 11 has thrown a little known piece of hardware in the limelight, one that could potentially make or break the success of Windows 11. Meet the TPM.

Its purpose is to protect your data (business or personal). TPM stands for Trusted Platform Module, has been around for almost a decade and it's a tiny bit of hardware - usually a processor (that's right a CPU) - that makes a big difference by protecting the data on a device.

Why a TPM?

Data protection is particularly important with laptops and tablets, because of course such devices are lost and stolen in huge numbers.

Each of those laptops is a data disaster waiting to happen, because laptops are often used to store sensitive or regulated data - HR records, perhaps, or financial data, or your top secret plans for global domination. If that data got into the wrong hands.

Enter TPM; TPM can be used to encrypt data so that even if it falls into the wrong hands, unauthorized users can't access it in theory.

A close up of a TPM module

A close up of a TPM module (Image credit: Quiet PC)

TPM in action

A TPM-protected device requires its user to identify themselves. Depending on your systems, that identification can be accomplished in several ways: using a PIN code or a password, through bio-metric data such as fingerprints, via a smart card or a one-time password, or by a combination of those methods (note that this step usually happens before password managers come into play). 

Whatever method you choose is the key to your system, and your data is safely locked away. TPM's job doesn't stop when the correct user is logged in. It can be used to encrypt the entire hard disk or just parts of it, it can authenticate online activities such as secure email and virtual private networking (VPN), and it can also be used to ensure that when a computer reaches the end of its life it doesn't go to the recycler/refurbisher with any confidential data still on it.

TPM, so hard to beat

TPM-based encryption is exceptionally difficult to break. TPM-protected data can't be read without the correct authentication, and because encryption keys are processed independently by the TPM processor, it isn't vulnerable to operating system vulnerabilities or software-based hacking attacks.

It isn't vulnerable to physical attack either. TPM-enabled devices can tell if hardware has been added or removed, and they can be configured so they'll refuse to operate if they detect such tampering. 

You can't beat the encryption by removing the hard disk and putting it in another machine, because TPM-based encryption can only be unlocked from by the specific TPM processor that locked it away in the first place.

And even extreme measures such as transplanting the TPM chip into a different computer won't work, because the TPM processor is tied to the device it was first installed in.

Taken together, those features mean that the TPM offers businesses something very important: the knowledge that even if devices fall into the wrong hands, the data on them won't.

TPM and Windows 11

Windows 11 was announced on June 24 and came with a rather unexpected surprise, the presence of TPM 2.0 as one of the minimum requirements for setting it up. Given the fact that TPM is historically a business/enterprise feature, it is therefore less common in DIY, custom-built and boutique-sourced rigs.

Adding TPM, for many, turns out to be a doddle for whoever knows how to access a BIOS and enable Firmware TPM (or fTPM) but then again, your mileage will vary and for many, many users, that might mean having to either add a TPM module or buy a compatible Windows 11 PC when they come to the market.

As to why Microsoft made it compulsory to have TPM, well other than the security aspect, some might posit that doing so could make it harder, much, much harder for pirated/illegal copies/licences of Windows 10 to be sold in the open market.

Carrie Marshall
Contributor

Writer, broadcaster, musician and kitchen gadget obsessive Carrie Marshall has been writing about tech since 1998, contributing sage advice and odd opinions to all kinds of magazines and websites as well as writing more than a dozen books. Her memoir, Carrie Kills A Man, is on sale now and her next book, about pop music, is out in 2025. She is the singer in Glaswegian rock band Unquiet Mind.

Read more
Using Zipped files and folders in Windows 11
Windows 11 might soon be more helpful in letting you know how powerful your PC actually is – I just hope this planned feature is better than Microsoft’s past efforts
Acer Aspire 14 AI laptop display showing the Windows 11 login screen
Shock, horror – I’m not going to argue with Microsoft’s latest bit of nagging in Windows 11, as this pop-up is justified
A stylized depiction of a padlocked WiFi symbol sitting in the centre of an interlocking vault.
Hardware supply chain threats can undermine your endpoint infrastructure
Windows 11 forced onto old hardware
Microsoft quietly removed its instructions for installing Windows 11 on an unsupported PC – is this something to do with the 24H2 update?
A woman using a phone while she's sitting at a desk that has a laptop on it
Got a new laptop with Windows 11 in S Mode? Let’s break down what that means (and how to switch it off if it’s not for you)
Frustrated unhappy laptop user girl touching head at work table with computer
Five essential tips for keeping your new PC secure
Latest in Software & Services
A man sitting at his desk in the evening and using a desktop computer
Office 2021 vs Office 2024: is it time to upgrade?
Microsoft 365 Business app logos
Office 2024 LTSC vs Microsoft 365 Business: what are the differences?
Windows 11 Start menu layout choices: Grid view
Windows 11 vs Linux for business: which operating system should you embrace?
A phone sitting on a laptop keyboard with the Microsoft Outlook logo on the screen.
Gmail vs Outlook for business: which email system is right for your organization?
Windows 11 logo
Windows 11 Pro vs Windows 11 Home: which version is right for you?
Canva HubSpot
HubSpot and Canva team up to level the creative playing field
Latest in News
Vision Pro Metallica
Apple Vision Pro goes off to never never land with Metallica concert footage
Mufasa is joined by another lion, a monkey and a bird in this promotional image
Mufasa: The Lion King prowls onto Disney+ as it finally gets a streaming release date
An American flag flying outside the US Capitol building against a blue sky
Sean Plankey selected as CISA director by President Trump
An Nvidia GeForce RTX 4060 on a table with its retail packaging
Nvidia RTX 5060 GPU spotted in Acer gaming PC, suggesting rumors of imminent launch are correct – and that it’ll run with only 8GB of video RAM
Indiana Jones talking to a friend in a university setting with a jaunty smile on his face
New leak claims Indiana Jones and the Great Circle PS5 release will come in April
A close up of the limited edition vinyl turntable wrist watch from AndoAndoAndo
This limited-edition timepiece turns the iconic Technics SL-1200 turntable into a watch, and I want one