Why Does Windows 11 Need TPM 2.0?
If your organization is looking to make the jump to Windows 11, you may have noticed a new requirement that was not necessary when upgrading to Windows 10.
A computer must have Trusted Platform Module (TPM) version 2.0 to upgrade to Windows 11. TPM 2.0 has been standard issue for business computers since July 28, 2016, so any computer manufactured before that will not be able to upgrade to Windows 11.
TPM 1.2, essentially the first widely used version of TPM, was deployed on most business-grade computers beginning in 2005 and does not meet Windows 11’s requirements.
So, what is TPM 2.0, why is it necessary for Windows 11 and why are older versions of TPM not compatible?
What is TPM?
Simply put, TPM is a baseline of hardware security for your computer.
It’s a chip on your computer’s motherboard that is used by services like BitLocker and Windows Hello (biometric sign-ins) to securely create and store cryptographic keys. It also confirms the operating system and firmware on your device are what they are supposed to be and that they haven’t been tampered with.
Tamper resistance is a key function of TPM: it means an attacker can’t pull a hard drive from your stolen computer and access your files by putting it into another computer. With TPM-backed encryption such as BitLocker, those files are encrypted, meaning the attacker would need the correct cryptographic key to decrypt the information.
TPM 1.2 chips were mostly used in business computers, so a consumer who bought their computer for personal use didn’t always get the same security features.
Microsoft’s goal with requiring TPM 2.0 is to bring everyone using Windows up to the same level of protection.
Why Isn’t TPM 1.2 Good Enough?
Microsoft detailed several security advantages TPM 2.0 has over TPM 1.2, including support for more modern cryptographic algorithms.
In layman’s terms, cryptographic algorithms are the mathematical equations used to scramble plain text and make it unreadable (or encrypt it).
Generally speaking, TPM 2.0 offers a more consistent experience across different implementations, according to Microsoft, which is why it requires any computer to have it before upgrading to Windows 11.
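How a TPM backs the "haven't been tampered with" check, as an added example that is not from the original article or from Microsoft: each boot component is hashed into a Platform Configuration Register (PCR), with SHA-1 on TPM 1.2 and optionally SHA-256 on TPM 2.0. The component names and byte strings are constructed stand-ins, and Python's hashlib models the chip's arithmetic rather than talking to real hardware.

```python
import hashlib
import hmac


def extend(pcr: bytes, component: bytes, alg: str) -> bytes:
    """One extend operation: new PCR = H(old PCR || H(component))."""
    measurement = hashlib.new(alg, component).digest()
    return hashlib.new(alg, pcr + measurement).digest()


def measure_boot(chain, alg: str) -> bytes:
    """Replay a boot chain into a PCR that starts as all zero bytes."""
    pcr = bytes(hashlib.new(alg).digest_size)
    for component in chain:
        pcr = extend(pcr, component, alg)
    return pcr


def matches_baseline(chain, baseline: bytes, alg: str) -> bool:
    """Verifier side: compare the replayed PCR with the known-good value."""
    return hmac.compare_digest(measure_boot(chain, alg), baseline)


# Constructed stand-ins for the firmware, boot loader and kernel images.
GOOD_CHAIN = [b"firmware-1.0", b"bootloader-1.0", b"kernel-1.0"]
TAMPERED_CHAIN = [b"firmware-1.0", b"bootloader-1.0-modified", b"kernel-1.0"]

if __name__ == "__main__":
    # sha1 is the only PCR hash in TPM 1.2; TPM 2.0 can also keep sha256 banks.
    for alg in ("sha1", "sha256"):
        baseline = measure_boot(GOOD_CHAIN, alg)
        print(alg, "baseline PCR:", baseline.hex())
        print("  untouched boot matches:", matches_baseline(GOOD_CHAIN, baseline, alg))
        print("  modified boot matches: ", matches_baseline(TAMPERED_CHAIN, baseline, alg))
```

Because every extend folds in the previous PCR value, a change to any one component, or to the order the components load in, produces a different final value that no later measurement can undo.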