Two such technologies that are starting to go mainstream are the Trusted Platform Module (TPM), which protects PCs, and Trusted Network Connect (TNC), an open architecture for Network Access Control. TPM is a secure microprocessor on the motherboard that can store cryptographic keys to handle authentication and encryption. Major PC vendors support the chip, and most modern operating systems can take advantage of its capabilities.
Cryptography is necessary because strong passwords aren't enough at a time when powerful computers and password-cracking tools have made it easier and faster to brute-force passwords, even a 14-character alphanumeric one, said the NSA's Stramella. Using TPM for authentication would protect against these brute-force attacks, as the private keys are stored within the hardware module, making it harder for attackers to expose or steal them.
However, most enterprises aren't using the built-in security features. Only relatively few actually use TPM as the primary means of authenticating users or protecting data stored on PCs. "It's only recently that TPMs and other elements of Trusted Computing have evolved to a point where they can be built in and turned on," said Stacy Cannady, a distinguished technologist at IT consulting company Digital Management. However, now the NSA is telling the industry, "Pay attention, learn and do something," noted Wave's Berger. "Don't just absorb the information."
Computers with built-in cryptography have been around for almost 10 years, Robert Thibadeau, senior vice president and chief scientist at Wave Systems, said at the conference. More than 500 million computers include the TPM encryption chip, and self-encrypting USB drives are readily available on the market, Thibadeau said.