Securing Virtualisation On Your Desktop at Work


Invented by IBM decades ago and later popularised by VMware for the x86 platform, virtualisation is a highly popular technology that made it possible to digitise an entire PC desktop or server to a file image. Known as a virtual machine (VM), these system images can be run in parallel with other VMs or even launched from a different operating system.

And for all the talk about the death of the desktop PC, there is no question that virtualisation remains very much relevant in today’s mobile-centric world.

The importance of virtualisation
For a start, virtualisation is a core technology used by organizations to manage their IT workloads more efficiently. Businesses can do more with less by running multiple VMs on the same server, gaining substantial savings from hardware servers they no longer need to buy. Elsewhere, the hypervisor technology in virtualisation also undergirds much of the public cloud today, and is instrumental to the easy transfer of system images between cloud regions and even across competing cloud platforms.

When it comes to mobile workers who are constantly on the move, virtualisation software on laptops offers unsurpassed flexibility to run the applications that they need. For instance, Linux-based load testing tools can be easily loaded from a VM image, while security experts can access their favorite security tools regardless of the operating system they are designed for. Similarly, enthusiasts or IT managers can dabble with the likes of Chrome OS and Android from the comfort of their primary work machines.

The benefits are not just limited to enterprise IT or power users. Working professionals too, can tap into virtualisation to access legacy applications from the latest Ultrabook or MacBook laptops. Such applications could range from unsupported software that will only run on a version of the operating system, or for a Mac user to run native Windows applications on their MacBook.

Challenges of virtualisation
Desktop virtualisation is not without its challenges though, and a heftier performance footprint and security considerations are two glaring downsides on this front. The former is less of an issue with modern PCs and laptops that are equipped with microprocessors incorporating support for virtualisation and 8GB or more of memory. Moreover, the increasing prevalence of solid-state drives (SSD) and their substantially faster read-write performance also plays an important role by speeding up the loading of VMs.

A misplaced and unsecured VM image could be disastrous for security, however, as it is likely to contain both the data and software applications required to access it. Aside from the risks of lost or stolen laptops containing confidential VM images, an additional danger revolves around how they could be silently copied out; the fact that each VM image is nothing more than a large digital file means they could be stolen without a trace.

Even in the absence of malicious intent, the ease by which VM images can be copied could result in unanticipated issues. Well-meaning employees could distribute copies of their VMs to colleagues without the knowledge of the IT department. This can culminate in software licensing headaches from preinstalled licensed software, or potential database corruption when an older version of a client-server application is inadvertently used.

Securing your virtual machine
Fortunately, using virtualisation in a secure fashion is not an insurmountable challenge. Measures exist with which to stymie the theft of virtual machine image, either by disabling or locking-down physical USB ports, or with the use of data loss prevention software to log and report attempts to copy VM images out.

Organizations that require more sophisticated capabilities can turn to modern virtualisation software with support for additional security features, such as the ability to enforce encryption to protect both virtual disks and virtual memory files. Other important capabilities to look out for include the ability to protect VMs from accidental or malicious corruption, or protecting the VM environment from unauthorised changes.

For instance, solutions such as Parallels Desktop for Mac, have security features designed to satisfy security-conscious organisations. This includes running all VMs in user mode so that a rogue VM will be unable to access files and processes within the host macOS operating system.

An even higher level of security and data protection is also available for the Business Edition, the business-centric version of Parallels Desktop that adds mass deployment and central management capabilities. It features support for controlling external USB storage devices with the use of security policies, as well as “expiring” virtual machines that will not execute beyond a predefined period.

Though virtualisation is hardly new, there is no question that it will remain a heavily-used technology for some time to come. For organisations and users that need to leverage its capabilities on macOS systems, they’re best to deploy a solution that offers the necessary security capabilities to keep your data safe.


[mailerlite_form form_id=1]
The following two tabs change content below.
Education Technology Solutions
Education Technology Solutions has been created to inspire and encourage the use of technology in education. Through its content, Education Technology Solutions seeks to showcase cutting edge products and practices with a view to expanding the boundaries and raising the standards of education curricula. It introduces teachers and IT staff to the latest products, services and developments in education technology with a view to providing practical how-to guidance designed to facilitate the integration of those products and services into the school environment in the most productive and beneficial manner possible.

There are no comments

Add yours