With security breaches becoming commonplace, it should not take an inordinate quantity of data/facts to convince those responsible for improving security to take action (for those who need a few numbers to get their attention, see Security Risks, following). Now the problem becomes; "What can one do about it?" Fortunately, providing the answers has been the driving force for an organization that is behind putting trust into more than 50 million personal computers. Established in 2003, the Trusted Computing Group's goal is enterprise-wide security, based on compatible technology building blocks.

SECURITY RISKS

1. Market research firm IDC believes that spyware infects more than three-quarters of all corporate computers.
2. According to statistics from computer manufacturers, 2000 laptops are stolen daily.
3. ESG Research found that 47 percent of surveyed companies said that a worm attack compromised some part of their network.
4. In 2005, at least 130 reported security breaches exposed more than 55 million Americans to potential ID theft.
5. According to the Washington Post (Feb. 13, 2007) even the FBI reported that 160 laptop computers were lost or stolen in less than four years, including at least 10 that contained sensitive or classified information.

At the enterprise level, the entry points that are most vulnerable to attack include computers (desktops, notebooks and servers), portable devices (such as mobile phones and PDAs), network applications and gear, and software applications as well as the associated storage for any of these items. However, without taking a holistic approach in addressing the full system, any data access or storage point becomes a potential weak link that could allow hackers with criminal or malicious intent access to a corporation's secrets.

WHO DO YOU TRUST?
Comprised of about 160 member companies involved in hardware, components, software, services, networking and mobile phones, the Trusted Computing Group (TCG) was created to develop open industry specifications for hardware-enabled trusted computing and security technologies.
These companies, which include prominent leaders in their respective segments, came to an important conclusion: the level of trust they were able to deliver to their customers, and upon which a great deal of the information revolution depended, needed to be increased. At the same time, security solutions for computing needed to be easy to deploy, use and manage. The resulting specifications, when implemented, will improve the trust available within the PC and the network, as well as any device connected to the network, including mobile phones, PDAs and servers.
One of the fundamental aspects of trust is that a system behaves as designed and as intended. By incorporating "roots of trust," based on hardware that cannot change and can digitally sign, a chain of trust is initiated in computer platforms. TCG pioneered and established its initial effort to help users protect information assets such as data, passwords and keys from external software attacks and physical theft.