Windows 10 is installed in over 800 million devices but a fraction of those are running with increased security offered in this operating system.
In this tutorial we will show you how to enable Secure Boot and TPM to increase the security of Windows 10.
What is Secure Boot?
Secure boot is a security standard developed by members of the PC industry to help make sure that a device boots using only software that is trusted by the Original Equipment Manufacturer (OEM). This prevents it from starting the computer from malware, ransomware, etc.
What is a Trusted Platform Module (TPM) ?
TPM is a hardware chip that is either part of the motherboard or added on later.
Trusted Platform Module (TPM) technology is designed to provide hardware-based, security-related functions. A TPM chip is a secure crypto-processor that is designed to carry out cryptographic operations. The chip includes multiple physical security mechanisms to make it tamper resistant, and malicious software is unable to tamper with the security functions of the TPM.
Enabling Secure Boot
Always backup your computer before making major modifications. Write down your current settings. Microsoft has some tips on enabling Secure Boot. Each computer is different, so your screen options will vary.
- Enter your PC’s BIOS setup by hitting the right key during bootup, such as F1, F2, F12, ESC or Delete.
- Make sure your computer Boot Mode is set for UEFI, not Legacy
- You may need to set Windows OS Configuration – Windows 10 WHQL Support to UEFI before you can see Secure Boot – It is called CSM for some BIOSes