Frontrow Technology
← Wiki

Glossary

What is a TPM — the Trusted Platform Module explained

A Trusted Platform Module (TPM) is a dedicated hardware chip that securely stores encryption keys, protects identity, and helps ensure the integrity of a device, increasingly vital for AU cybersecurity posture.

Last reviewed 3 July 2026

What a TPM does

A TPM is a specialised microchip designed to secure hardware by integrating cryptographic keys into the device. It supports functions like BitLocker key storage, Windows Hello credentials, and secure boot processes. Discrete TPMs are separate physical chips, while firmware TPMs are software-based emulations, though discrete TPMs offer greater security. TPMs provide a root of trust, verifying the integrity of the system before boot and protecting sensitive data from unauthorised access.

TPM in Australian tenants today

In AU mid-market environments, TPMs are becoming essential. The ACSC Essential Eight Maturity Level 2 (ML2) explicitly requires hardware-key protected encryption, often necessitating a TPM. Intune compliance policies can check for TPM presence as part of device health validation. Furthermore, Conditional Access policies can enforce device-based controls, using TPM attestation to verify device integrity before granting access to corporate resources. APRA CPS 234’s focus on cyber resilience also aligns with the secure boot capabilities TPMs provide.

Want Frontrow to walk this through with your team?

30 minutes. No deck. A senior Frontrow consultant walks through your tenant, your priorities, and the next sensible move.