Windows 11 is obsessed with the TPM Chip. But what IS the TPM Chip?

Windows 11 is obsessed with the TPM Chip.  But what IS the TPM Chip?

Windows 11 is the hot new operating system recently released by Microsoft.  It is free to upgrade but your computer has to meet a few requirements.  Like most of the prior versions of Windows, the requirements are pretty basic and easy to meet.  Except for this time, one curveball is blocking many people.  The requirement is that the computer has a TPM chip.  However, what is a TPM Chip?

The 007 of Cybersecurity

TPM stands for Trusted Platform Module.   It is literally a special, small chip inside of modern computers.   It is like a small security system placed in the computer that is extra resistant to tampering.   In the past, computers used little software programs to do much of the security work but this takes things to a new level as it is a physical device thus making hacking it far more difficult.

The TPM chip helps manage and protect things like disk encryption, which is used to scramble the contents of your computer's storage.  If someone takes out that hard drive and tries to put it in another computer if it has been encrypted it will be completely unreadable.  Browsers like Chrome, Edge, and Firefox can use it to help secure communications over the web.

So What Changed?

But why require this now?  We have had great cybersecurity since before this requirement, right?   Actually, Microsoft has been requiring new computers that ship with Windows to have a TPM chip since 2016 even if people could still install Windows 10 on older computers that did not have the chip.   Because security has become more and more critical, they are finally forcing the requirement with Windows 11.  This allows them to build features and modules that can take advantage of this feature and not have to plan for how those systems will work if the chip is not present.

You Can Trick it But... Do You Want To?

If Windows 11 refuses to install on your computer and reports the TPM chip is missing, there are ways to work around it and get it installed.  But it’s risky.  Microsoft has made it clear that if you do that, you might not be able to install future updates, patches or security fixes.   Therefore, while you can do that, it could actually break your system down the road versus just leaving Windows 10 on your computer.

It is possible to buy and install a TPM chip in some situations but it is not easy and requires steps beyond just plugging in a new chip.  In general, we do not recommend spending the time nor the money to try to bring an old computer up to compliance.  It is usually better to simply keep the older operating system on it (If it is still being supported) and eventually replace the computer with a newer model in the future.

Security Can Be a Pain But it Really Is Needed

Software companies like Microsoft always have to make painful decisions and tradeoffs between keeping users happy (supporting older systems) and tightening security.  This will block some users from upgrades but it is a significant improvement in security at a time when the bad guys seem to be getting better and better and breaking into your data.

If you would like help improving your companies cybersecurity, or even just reviewing where you stand now, let us know, we’d love to help!