“Trusted Computing” is the information technology industry’s response to the ever-increasing need to protect the privacy of information. The Trusted Computing approach — an inexpensive method of ensuring laptop, desktop and server security at the hardware level — is on the horizon. The hardware aspect of Trusted Computing, a standards-based chip commonly referred to as the Trusted Platform Module (TPM), already appears as a feature in new businessclass laptops. Development of the software required to deploy Trusted Computing to its fullest potential is under way. Within a year, all operating systems (Mac OX, Windows, and Linux) will support the TPM without third-party add-on software. But it is a third component, good data practices, that will determine whether government can successfully deploy Trusted Computing as effective protection against unauthorized data access, software attack and even physical theft. IMPLEMENTATION OF TRUSTED COMPUTING PCs, laptops and servers installed with TPM (of which version 1.2 is the latest) treat everyone and everything as an adversary. Persons logging onto the computer must present flawless authorization credentials in order to access data on the computer, which is encrypted in secure storage for an added level of security. Failure to present proper credentials renders the computer and its data useless. The TPM can also be used by appropriate operating systems or other software to protect against software attack -- such as viruses and spyware -- in a similar fashion. Any program must have the correct authorization before the TPM will allow it to run. And, because Trusted Computing operations take place in a closed hardware environment — the chip — the secure operations themselves are protected from attack. Even laptop theft, featured prominently in recent news reports, would no longer be an issue as long as good data practices are in place. Good data practices are not a new concept. In any environment that uses critical data — with or without “Trusted Computing” requires good data practices INFORMATION PRIVACY Guest Columnist BY SAM CHUN Sam Chun, CISSP, is the director of information assurance for TechTeam Government Solutions, Inc., an IT solutions company that provides information assurance to federal, state and local governments. Chun can be reached at sam.chun@techteam.com
Register for free to join our community of investors and share your ideas. You will also get access to streaming quotes, interactive charts, trades, portfolio, live options flow and more tools.