Sophos White Paper Sample

The security issues
The benefits of virtualization might have been recognized but what is not so well grasped is the issue it raises about security. Server virtualization, with its enclosed, managed, highly protected data center environment, is not much more vulnerable than non-virtualization. Similarly, virtual desktops that are managed by IT, are running no significant increased risk. The real thorny security issue today is the proliferation of unauthorized virtual software that might be running on your company desktops and roaming laptops for a couple of reasons:

• Product evaluations, games and other software are often distributed on virtual appliances and free virtual machine players.
• Employees deliberately run unauthorized applications in a virtual environment to avoid detection -- they might even be running a private business.

There is also risk associated with authorized but unmanaged virtualization, notably the self-contained test and Q&A environments created by developers.