Business ‘black hole’ in virtualisation security
By Asavin Wattanajantra,
More than half of businesses do not know if their employees are running virtual desktops creating environments completely hidden from IT admin, according to Sophos.
As virtualisation tools become more popular, there was a risk of end-users running unauthorised software in the virtual environments they created. Sophos said that the IT departments needed to make virtual desktop management of a priority because of this, as they could open holes in security.
Richard Jacobs, chief technology officer at Sophos, said that hidden virtual environments were impossible to defend against cyber attacks. He claimed that companies should be wary of the risk that employees would install them, for example because they were trying to get around bans on instant messaging or social networking
He said: “Uncontrolled and unmanaged virtual computers could lead to potentially disastrous consequences, including corporate identity theft, financial losses and embarrassing headlines.”
The growth of free virtualisation tools may also encourage employees to download them without any malicious intent. Sophos gave the example of unauthorised virtual browsers not up to date with security patches, or running virtual unprotected peer-to-peer (P2P) programs.
“Virtualisation can offer cost-saving benefits- especially important in the private sector,” said Antony Barke, senior technical engineer at Basildon and Thurrock University Hospitals NHS Foundation Trust.
“However, it’s essential to secure the virtual environment, just as you would do the rest of the corporate network – the same threats exist and this shouldn’t be overlooked.”
Sophos recommended that businesses made sure employees were aware of acceptable usage policies, and that IT staff had visibility into what applications they were downloading.
You may also like...
Sponsored Links
advertisement
You may also like...
Latest Security Analysis & Insight
What is your password worth?
Would you be tempted to sell off company passwords for a fee? If not, seems like you're in the minority, acccording to research.
- Macs under attack?
- Intel: security inside
- Are you spending too much on IT security?
- Does the government want to snoop on your data?
- Eurocrats versus the cyber criminals
- The truth about spam
- Google and privacy: What’s the problem?
- Q&A: Symantec’s CISO on the source code hack
- RSA: Back from the breach?
Latest Security Reviews
Check Point 2210 Appliance review
Rating: 
advertisement
Most popular
- Apple iPad 3 vs iPad 2 head-to-head review
- Dell EqualLogic PS6100XS review
- Chromebooks: What's gone wrong?
- ICO: Fines for cookie law breakers
- UK regulator shuts down Angry Birds scam
- Open source software driving cloud-based innovation
- Fujitsu targets enterprises with Android ICS tablet
- IBM bans use of Siri on iPhones
- Dell PowerEdge R820 review
- BlackBerry 7 OS certified to carry 'Restricted' UK government information
Latest News Videos in Security
IT PRO Podcast: Are UK data protection laws flawed?
PlayWe bring in two experts to talk about the problems with UK data protection law and the way it is managed.
Register for IT PRO
You'll get exclusive member benefits including free whitepapers, downloads, Webinars and weekly newsletters full of the latest IT PRO news, reviews, insight and expertise.
