When a small business discovered their entire fleet of computers wouldn’t qualify for Windows 11, they faced an unexpected £25,000 hardware refresh with just weeks before Microsoft’s support deadline. This case study demonstrates how strategic technology consultation uncovered hidden capabilities in their existing hardware, saving significant capital whilst ensuring continued security and productivity.
The Challenge: End of Life Meets Budget Reality
In September 2025, with Windows 10’s end-of-life date rapidly approaching on 14th October, a local business contacted me in considerable distress. They had completed a comprehensive hardware refresh in 2021, investing substantially in what they believed would be future-proof equipment. Their computers operated flawlessly, handling daily business operations without issue. However, Windows Update delivered devastating news: none of their machines qualified for the free Windows 11 upgrade due to missing Trusted Platform Module (TPM) requirements.
The timing could not have been worse. With less than 40 days until Microsoft would cease security updates for Windows 10, they faced an impossible choice: rush into an unbudgeted hardware replacement costing approximately £25,000, or continue operating with increasingly vulnerable systems. Neither option was palatable for a small business already managing tight margins in challenging economic conditions. The prospect of replacing perfectly functional four-year-old hardware felt particularly frustrating when the machines themselves showed no signs of performance degradation or operational issues.
❓ What Is A TPM?
A TPM, or Trusted Platform Module, is a specialised security chip that provides hardware-based security functions. Think of it as a secure vault built into your computer that stores encryption keys, passwords, and certificates. TPM 2.0, required for Windows 11, offers enhanced security features including secure boot verification, disk encryption support through BitLocker, and protection against firmware attacks.
Whilst discrete TPM chips are physical components added to motherboards, many modern processors include firmware-based TPM (fTPM) functionality built directly into the CPU, offering equivalent security without additional hardware.
The Investigation: Looking Beyond Surface Requirements
Rather than accepting the situation at face value, I began a systematic investigation of their hardware specifications. The fleet consisted entirely of business-grade machines with Intel processors, all purchased during their 2021 refresh. Initial examination revealed that every machine exceeded Windows 11’s performance requirements for RAM, storage, and processing power. The sole barrier appeared to be the TPM requirement, which Windows Update reported as absent across all systems.
My research into the specific CPU models revealed an interesting pattern. Many of their processors utilised Intel’s Haswell microarchitecture or newer generations. Intel had been implementing firmware-based TPM functionality, marketed as Platform Trust Technology (PTT), since 2013. This technology provides TPM 2.0 compliance through firmware rather than requiring a discrete chip. If present and enabled, PTT would satisfy Windows 11’s security requirements without any hardware modifications.
The key insight came from understanding that manufacturers often ship systems with these security features disabled by default. This conservative approach prevents potential compatibility issues but means valuable capabilities remain dormant until specifically activated. My hypothesis was that their “incompatible” hardware might actually contain all necessary components, simply awaiting proper configuration.
The Solution: Unlocking Hidden Capabilities
To test my theory, I selected one workstation for initial configuration. The process began by accessing the system BIOS, which required a careful restart sequence to avoid disrupting normal operations. Within the BIOS interface, I navigated through security settings, searching for options labelled “Trusted Computing,” “Security Device Support,” or “PCH-FW Configuration.” Different manufacturers use varying terminology, but the underlying functionality remains consistent.
One of their laptops had the TPM settings under "Security > Trusted Computing". Others had the TPM settings under "PCH-FW Configuration"
ℹ️ Note
The important setting in the above screenshot is “Security Device Support”, which needed to be set to Enable in order to set up fTPM on this machine. When enabling this setting, the “Clear TPM” should also be set to Enabled if your laptop is bought used, this ensures that any stored TPM credentials from previous owners are cleared.
I discovered the critical setting under “PCH-FW Configuration,” which was set to disabled. Changing this to enable fTPM triggered a standard warning about the importance of backing up any encryption keys the module might generate. This precaution is essential for organisations using BitLocker or similar encryption technologies, as the fTPM will store these critical security credentials. After acknowledging the warning and saving the changes, the system rebooted normally.
❓ What Is An fTPM?
An fTPM (firmware Trusted Platform Module) is a software-based implementation of TPM technology that runs within your computer’s firmware rather than as a separate physical chip. Intel calls their version Platform Trust Technology (PTT), whilst AMD simply refers to theirs as fTPM. These firmware implementations provide the same TPM 2.0 security functions as hardware chips, including secure key storage, measured boot processes, and cryptographic operations.
The key advantage is that many processors from 2013 onwards include this capability built-in, requiring only BIOS activation rather than additional hardware. For Windows 11 purposes, fTPM and discrete TPM are functionally equivalent, both meeting Microsoft’s security requirements.
Upon returning to Windows, I launched the TPM Management Console by typing tpm.msc in the Run dialogue. Where previously this tool reported no compatible TPM, it now displayed comprehensive information about an active TPM 2.0 module. The firmware-based solution appeared indistinguishable from a hardware TPM to the operating system, providing all required security functionality.
The TPM service, showing that an fTPM is present which adheres to version 2.0 of the TPM standard. This allowed the small business to meet the upgrade requirements for Windows 11.
Of particular note are both the Status and TPM Manufacturer Information sections.
The Verification: Confirming Windows 11 Compatibility
Despite successfully enabling the fTPM, Windows Update continued to report incompatibility. This behaviour stems from the fact that hardware compatibility checks aren’t automatically refreshed after BIOS changes. To obtain an accurate assessment, I downloaded and installed Microsoft’s PC Health Check application, a dedicated tool designed to evaluate Windows 11 readiness with more granular detail than the basic Windows Update interface.
Running PC Health Check provided immediate confirmation: the system now met all Windows 11 requirements. The application displayed a clear message indicating upgrade eligibility, with the previously problematic TPM requirement showing as satisfied. This validation proved that the hardware possessed all necessary capabilities from the start; they simply required proper configuration to unlock their potential.
With the proof of concept established, I systematically repeated the process across their entire fleet. Each machine required approximately five to ten minutes for BIOS configuration, TPM verification, and compatibility confirmation. Within two hours, every computer in their organisation had transformed from “obsolete” to “Windows 11 ready,” all without purchasing a single new component.
The Impact: Strategic Value Beyond Cost Savings
The immediate financial impact was substantial. By avoiding an emergency hardware refresh, the business saved approximately £25,000 in direct costs. However, the true value extended far beyond this figure. They avoided productivity losses associated with setting up new systems, migrating user data, and retraining staff on potentially different hardware. The environmental benefit of extending existing hardware life rather than contributing to electronic waste aligned with their sustainability commitments—as it does with ours.
More strategically, this intervention transformed a crisis into an opportunity for measured planning. Rather than making panicked purchases under time pressure, they could now develop a thoughtful hardware refresh strategy for 2026. This approach allows them to spread costs over multiple budget cycles, evaluate emerging technologies properly, and potentially benefit from better pricing through planned procurement rather than emergency buying.
The solution also built confidence in their technology investments. Discovering that their 2021 hardware refresh included forward-thinking security features validated their original purchase decisions. It demonstrated that quality business hardware often contains capabilities beyond immediate requirements, providing unexpected value as standards evolve.
The Strategic Technology Consultation Difference
This case study illustrates the fundamental difference between reactive problem-solving and strategic technology consultation. A purely reactive approach would have accepted the initial diagnosis and proceeded directly to hardware replacement. Strategic consultation involves deeper investigation, understanding not just what systems report but what they’re actually capable of achieving.
The expertise required went beyond basic technical knowledge. It demanded understanding of processor architectures, security implementations across different manufacturers, and the evolution of firmware-based security solutions. Equally important was the ability to translate complex technical concepts into clear business decisions, helping leadership understand why firmware TPM provides equivalent security to hardware modules.
This holistic approach characterises strategic technology consultation. Rather than simply implementing solutions, it involves understanding business constraints, investigating all options, and delivering outcomes that address immediate needs whilst positioning organisations for future success. In this case, two hours of expert consultation delivered more value than a £25,000 hardware investment.
Looking Forward: Lessons for Technology Planning
This experience offers valuable lessons for businesses approaching technology transitions. First, vendor notifications and automated compatibility checks don’t always tell the complete story. Systems may possess capabilities that remain hidden without proper configuration. Second, engaging strategic technology consultation before making major investment decisions can reveal unexpected alternatives. The cost of expert assessment is minimal compared to potentially unnecessary expenditure.
For this particular business, the immediate crisis has passed, but the engagement continues. I’m currently working with them on developing a strategic technology roadmap for 2026 and beyond, incorporating lessons learned from this experience. Their hardware refresh will proceed on their timeline, with careful consideration of future requirements rather than panic-driven decisions. They’re also implementing regular technology assessments to identify and activate useful features before they become critical requirements.
The case also demonstrates why businesses need technology partners who think strategically rather than transactionally. A simple break-fix approach would have missed this opportunity entirely. Strategic technology consultation considers the broader context: business goals, budget constraints, operational continuity, and future positioning. It’s about making technology serve business objectives, not the other way around.
Alternative Paths Considered: Why Windows 11 Was the Right Choice
During my assessment, I thoroughly evaluated all available options, including migrating to Linux-based operating systems. Whilst Linux distributions offer robust security, long-term support, and freedom from vendor-imposed hardware requirements, this path presented significant challenges for a small business with immediate needs. The migration would have required replacing their entire application suite, as their industry-specific software and Microsoft Office workflows had no direct Linux equivalents that maintained full compatibility.
Beyond software replacement costs, the Linux transition would have demanded extensive user training, potentially weeks of productivity loss during adjustment, and ongoing support for unfamiliar systems. My analysis identified several potential functionality gaps where Linux alternatives couldn’t match their current Windows-based workflows, particularly in areas involving proprietary file formats and third-party integrations. For an organisation with extremely limited budget and just weeks before support deadlines, these risks and costs far exceeded any potential benefits.
The Windows 11 upgrade path, enabled through fTPM activation, offered compelling advantages: zero application replacement costs, minimal user disruption, and continuation of established workflows. The upgrade process itself required only the installation time and a system reboot per machine, allowing normal business operations to resume immediately. Staff could return to work using familiar interfaces and tools, eliminating training requirements and productivity losses. This pragmatic solution delivered security compliance whilst respecting the business reality of budget constraints and operational continuity needs.
This case study represents real client work completed in 2025. Specific identifying details have been omitted to maintain client confidentiality whilst preserving the technical accuracy and business impact of the engagement. If your organisation faces similar technology transitions or would benefit from strategic technology assessment, please contact us to discuss how we can help unlock hidden value in your existing infrastructure