HP has launched HP TPM Guard, a hardware solution to stop physical attacks on the TPM bus, via the world’s first business laptop capable of preventing physical-access attacks that bypass BitLocker drive encryption. HP also announced improvements to its HP Wolf Security PC lineup and extended quantum-resistant protection to a broader range of printers.
Closing the BitLocker security gap with HP TPM Guard
Personal computers are at the core of modern hybrid work, where vast amounts of sensitive information are stored—from confidential documents and credentials to customer and employee data. The rise of AI-powered apps processing voice, video, and screenshots, and the sheer volume of sensitive data held on PCs, only increases the stakes.
Enterprises have widely used BitLocker to protect this data in case of loss or theft of devices, but vulnerabilities uncovered in recent years can allow a attacker with physical access to bypass BitLocker and extract data. Commonly known as “TPM bus attacks”, this technique relies on intercepting the communication between the Trusted Platform Module (TPM) and the CPU, and can be executed in under a minute for about $20 in hardware with minimal training.
HP TPM Guard protects against this threat by introducing an encrypted link between the TPM and the CPU, preventing interception and system analysis. The TPM is cryptographically bound to the device, which allows it to be disabled if removed or tampered with, thereby sealing this security gap that affects the entire industry without adding complexity for IT teams.
“Computers today store large amounts of highly sensitive information, and new AI-powered multimedia workloads are pushing device workloads to the limit. While BitLocker used to be trusted to protect data, today a attacker with just a couple of hours of training and a $20 hardware kit can bypass that protection,” says Dr. Ian Pratt, Vice President of Security and Chief Technologist for HP’s Personal Systems Commercial segment
“We have developed a hardware and firmware solution, in close collaboration with our chip-foundry partners, that prevents these threats and delivers the strongest protection customers have been asking for,” continues Dr. Ian Pratt. “This resolves a problem affecting the entire sector and will be strategic for all organizations, especially those in regulated industries, government bodies, and other entities handling highly sensitive information on their computers and needing to take every precaution to protect their data.”
New HP Wolf Security capabilities
HP is also strengthening security across its commercial PC lineup with the rollout of new HP Wolf Security features. These focus on increasing the synergy between the Workforce Experience Platform (WXP), HP Wolf Security, and the enterprise architecture to reduce operational costs and cyber risk. These new functionalities include:
- Integration of Wolf Controller and WXP to reduce risk and operational friction
- Next-generation Wolf Connect mobile/SIM card to deliver greater precision with lower power consumption
- Greater compatibility with the Sure Recover platform at a lower cost
- Centralized collection of security logs within Wolf Controller
Quantum resistance: the future of printing security
Experts anticipate that the probability of a quantum computer cracking today’s asymmetric cryptography could reach as high as 34% by 2034, underscoring the urgency for protections that resist quantum attacks. Given that printers are increasingly targets as an entry point into networks, HP is extending quantum-resistant cryptography to a broader range of devices:
- New HP LaserJet Pro 4000/4100 series: The world’s first small-to-medium business printers with quantum-resistant protection, along with tamper-resistant toner chips, firmware, and packaging. HP Workforce Experience Platform and the optional HP Security Manager enable optimized security compliance and fleet-wide device management under a single umbrella.
- New HP LaserJet Enterprise 5000/6000 series: The world’s first enterprise printers shipped from the factory with protection against quantum-computer-based attacks, reducing exposure risk. The series also features HP Wolf Enterprise to detect, isolate, and automatically recover from cyberattacks, and they are the only printers with zero-day threat detection and in-memory code-execution recovery.
- The HP LaserJet Enterprise 5000/6000 series will also include automated protection, which detects and erases sensitive information, such as personal data or financial details, helping organizations meet regulatory compliance without adding extra review steps for the IT department.
