To enable BitLocker for full-disk encryption on a PC without an option for a TPM you’ll need to need to use Intel PTT. The ASUS ROG MAXIMUS X APEX (Intel Z370) did include a TPM header, so this is a change that has just recently taken place. For example the ASUS ROG MAXIMUS XI EXTREME is one of the flagship Intel Z390 boards at $572.99 shipped and it doesn’t have a TPM header on the board. While Intel PTT has been around for roughly six years it is only now starting to get mainstream attention as motherboard makers have begun removing TPM pin headers from their boards to reduce costs and to free up motherboard surface area for other features. Windows 10 has an additional feature called “Device Encryption”. It should be noted that BitLocker is available on most versions of Windows 7, 8, and 10.
So, you get enhanced drive security without the having to buy TPM Modules like you had to in the past.
This is because Intel PTT supports all Microsoft requirements for firmware Trusted Platform Module (fTPM) 2.0. Intel PTT works on pretty much every processor/chipset since 4th Gen Core (Haswell) processors were introduced and it even supports BitLocker. Intel PTT is basically the firmware alternative to a the hardware based TPM. That is because you can use Intel Platform Trust Technology (Intel PTT) which was introduced back in 2013. There is an alternative though and you do not have to have a TPM to enjoy BitLocker in Windows. This optional hardware-based solution takes a bit of time and effort to get enabled, but it is preferred by many as it separates your security infrastructure from the host system, making it very difficult to spoof, tamper or defeat. Once enabled, any changes or attacks to low-level (root) system assets should be caught and not allowed to run. Each TPM chip has a unique and hidden RSA key burned into it during production making each one truly unique. This is because the TPM has a microcontroller on-board that generates and stores keys, passwords, and digital certificates. Once enabled your drive will be secure even if it is removed from the system. The good news is that for under $20 you can pick up a TPM 2.0 module for your existing desktop board that will allow you to take your system security to the next level by enabling whole-disk encryption! ASUS TPM-M R2.0 Module w/ ROG MAXIMUS X APEX BoardīitLocker by Microsoft is one of the most common ways to secure data with a TPM. Most laptops have a module already included, but it is an ‘extra’ option on most desktop boards. Most desktop motherboards have a pin header on them that allows users to buy a Trusted Platform Module (TPM) for enhanced security.
0 kommentar(er)
