Alex - stock.adobe.com
Are virtual machines safe for end users?
Virtual machine security is a complicated topic because there are many factors that can determine their security posture. Learn how to evaluate these factors.
Virtual machines provide isolation for user work sessions, but there is some confusion about how secure this technology is. Before organizations deploy VMs, their management must understand how this technology works and just how secure it is.
How do virtual machines work?
A VM runs on a host, whether that's a cloud provider, internal VDI or even a desktop computer. The VM session running on the host is known as a guest, and there can be multiple guests per host regardless of the type of host. Hosting VMs requires specialized software, known as a hypervisor, to deploy and allocate computing resources.
Enterprise organizations often use VMs in the context of VDI because the users' virtual desktops exist within specially programmed VMs. IT departments configure and deploy these types of VMs en masse to provide fully functional desktops to end users with applications and profiles included.
Unlike a laptop, the VM only needs a monitor and peripheral support devices, such as a mouse and a keyboard, to allow the user to interface with a desktop session. All the computing resources exist on the host, so the endpoint running the VM can be basic. This allows users to access virtual machines with their own desktop hardware or even thin clients.
Are virtual machines secure?
While VMs have certain security benefits due to their isolation, they still face many of the same threats as local desktops. Even the benefits of the isolated nature of VMs are highly dependent on how IT departments configure them. In short, VM users still need to maintain vigilance regarding cybersecurity.
For example, a VM session can still be infected with malware. If a user clicks on a phishing link or downloads a malicious executable, their desktop will become infected and compromised regardless of whether it's a VM or a desktop PC. Luckily, if the user or an administrator identifies it quickly, fixing an infected VM session is usually as simple as terminating the session and starting a fresh one. But on a PC, an administrator will have to find the malware and ensure they remove all traces -- a far more laborious process.
With the proper configurations, it's difficult for malware to penetrate beyond the individual VM session but not impossible. This type of penetration from malware, known as a VM escape, can cause significant problems by infecting the underlying host, the hypervisor and beyond. For example, a computer worm virus could successfully perform a VM escape and penetrate the host via a shared network.
Similarly, a user could accidentally upload or share malware with the organization's cloud storage or file-sharing system while working from a VM. In that case, the VM provides no additional security because the malware can spread throughout internal company systems, and the chance to terminate the VM and eliminate the malware has already passed.
This is why IT administrators still need to carefully manage VMs and not treat them like they are immune to security threats. Admins should consider many of the same security measures as they would with a desktop, but VMs often require additional security management. Secure the VMs' network access, minimize contact between the VM and the host, and maintain security posture for any applications or services interacting with the VM session.
John Powers is the senior site editor for TechTarget's Enterprise Desktop, Virtual Desktop and Mobile Computing sites. He graduated from the Philip Merrill College of Journalism at the University of Maryland.
