'Personal' virtual desktops are new security risk
Sophos is extending its Endpoint Security and Control product to enable IT administrators to block virtualisation applications, including free desktop and data centre products from VMware, plus tools from DosBox, and Microsoft's Virtual PC 2007.
The growing popularity of virtualisation tools, and the ease with which they can be downloaded, means that there is a much greater risk of end-users creating a virtual environment in which to run unauthorised applications, from games to browsers to beta software, the IT security firm says.
"Virtualisation tools represent a black hole in many organisations' IT security - if staff are allowed to download these tools and create environments that are completely hidden from IT administrators, it's impossible to defend them against cyber attacks," says Richard Jacobs, chief technology officer at Sophos. "While employees may simply be trying to get round a ban on social networking or using instant messaging at work, doing so in this way poses a real threat. In fact, uncontrolled and unmanaged virtual computers could lead to potentially disastrous consequences, including corporate identity theft, financial losses and embarrassing headlines."
As more employees acquire better IT knowledge, Jacobs adds, it is vital that businesses have complete visibility of the corporate network.
To see a full list of virtualisation tools blocked by Sophos, visit www.sophos.com/security/analyses/controlled-applications.