Despite the ubiquity of the Trusted Platform Module, holdups exist and adoption remains slow. Deb Radcliff reports.
In 2008, an unencrypted laptop went missing from the car of a worker at Barnabas Health, New Jersey's largest health care system. And, although fewer than 2,000 records were exposed, the health care provider subsequently made self-encrypting drive (SED), a type of hardware-based encryption, a mandatory part of its mobile device upgrade process.
“Everyone who gets a new laptop must have SED enabled,” says Hussein Syed (below), director of IT security at Barnabas Health, which consists of 4,600 physicians, seven medical facilities and two business offices. “We don't want to incur another incident because someone left a document on a device and then lost it.”
The encryption cannot be tampered with by users, and access is easier because assigned users now need only one master login to access all their provisioned resources (via Active Directory). SED takes only minutes to initially encrypt the full contents of the hard drive, compared to 36 hours using an older, software-based disk encryption. And, using a third-party encryption management service from Wave Systems, machines can be provisioned just as quickly, says Syed.
Now, with SEDs present in virtually every one of its 1,280-issued laptops, Saint Barnabas is turning its attention to SED's companion technology, Trusted Platform Modules, or TPMs.
TPM, which began shipping in October with Windows 8 and the Windows 12 management server, has become ubiquitous. The specification integrates with other modules from The Trusted Computing Group (TCG) to support system integrity checks, disk encryption, key management and other functions at machine speed.
TCG, parent to both TPM and SED, claims there are more than a billion PCs, servers, embedded systems, network gear and other devices with TPM and/or SED functionality embedded in them. Yet, according to analysts, actual adoption of these technologies is difficult to measure and has been slow to catch on.
“I am surprised at the modest adoption of hardware roots of trust, in spite of the ubiquity of embedded TPMs in enterprise-class machines,” says Derek Brink, an analyst with Aberdeen Group, a Boston-based provider of intelligence research. “It seems a question of commitment and will, rather than waiting for the technology to be available and mature.”
In a comparison study Aberdeen published last June, 41 companies using SED experienced 50 percent fewer incidents and saved $80 per endpoint per year versus 81 companies that used other forms of disk encryption.
One thing holding up widespread adoption of TPM and SED is interoperability, according to users and analysts. Apple, Google and Microsoft all use different standards, not all of which support TPM, says Roger Kay, founder and president of the Massachusetts-based analyst firm Endpoint Technologies Associates (ETA). The other problem is key management, he adds.
“As with PKI encryption for the PC world, the problem is the certificate authority (CA),” he says.
Most organizations will require a third-party intermediary, such as Wave Systems, which needs to interoperate with other CAs, say analysts. There will also be those with enterprise expertise in key management who will want to manage their own keys.
To support enterprise key management and interoperability, the Trusted Computing Group is putting a lot of emphasis on Windows 8 endpoints, including built-in TPM supportable through Windows 12 server. TPM enhances support for SED and includes a pre-boot system integrity check that the accessing system's basic input/output system (BIOS) and registries haven't been changed from a pre-measured state.
“TPM has mainly been used by a small segment of PC users to tie their Windows Bit Locker and other encryption keys to user devices,” says Steven Sprague, CEO of Lee, Mass.-based Wave Systems. “Now, these features are native.”
Of all the features in TPM today, machine attestation – or the ability to boot up in safe mode, check the machine's integrity and remotely attest that its settings have not been changed – is the most important feature, says Neil Kittleson, Trusted Computing portfolio manager for the Commercial Solutions Center at the National Security Agency (NSA).
Since the TCG's inception 10 years ago, the NSA has been heavily invested in using the nonprofit's technologies in its high assurance platform, or HAP.
“TPM capabilities represent a shift against today's attackers who are embedding rootkits beneath the notice of today's software-based security solutions,” Kittleson says. “We found TPM works very well for our high-assurance platforms.”
In a demo, a simulated attack on a TPM-protected device at the NSA stopped malware from spreading out of a virtual machine onto a host system. Researchers demonstrated a failed attestation when an infected device tried to connect. In that case, access was denied, and an alert sent to the mobile management administrator as the authentication server detected changes in the registry.
Despite this success, TPM is only in use among a “miniscule amount of devices” used across the vast defense network supported by the NSA, says Kittleson.
Adoption of Windows 8 and the upgrade of the key management infrastructure should help speed adoption across the Defense Department networks and other organizations supported by the NSA. It should also propel the Barnabas operation into full adoption.
While deployments may seem slow at this time, the licensing costs of TPM modules are declining, and interoperability standards are improving, say experts. This market penetration, combined with new risks introduced as mobile endpoints continue to proliferate, means it is only a matter of time before the use of TPM technologies becomes more common than not, both Syed and Kittleson say.
“The real driver is mobility,” ETA's Kay adds. “If every device is a potential attack point, we need to protect those endpoints with hardware-based security.”
TPMs...and applying standards
Critical control systems running power, water and industrial operations most often run on legacy Windows and Unix systems that, due to the sensitive nature of the system's processes, are difficult to upgrade and change.
“The big challenge in the industrial control systems environment is how do you add new security, like Trusted Platform Modules (TPMs), without impacting the operations of these critical systems?” says Steve Hanna, distinguished engineer at Juniper Networks, and chair of The Trusted Computing Group's (TCG) Trusted Network Connect working group.
Most organizations running control systems work around this by implementing multi-directional gateways to protect these systems from being directly accessed by systems elsewhere on the network.
TCG applied this same concept through its IF-MAP protocol embedded in these unidirectional security gateways to communicate information across industrial control systems. IF-MAP ensures that legacy systems are only talking to approved security gateways that have been positively identified by the TPM chips embedded in them. It also supports encryption of data passing through them.
“Security requirements have moved beyond PCs and laptops to all types of new embedded devices – printers, video scanners, cars, manufacturing and industrial control systems,” Hanna says. “Standards are the only hope for interoperable security for these devices.”