Unmanaged virtual computers can threaten corporate IT security
Sophos's Richard Jacobs says companies need to be aware of the security issues surrounding virtualization.
IT security and control firm Sophos has announced that the application control feature of Sophos Endpoint Security and Control has been extended to give businesses the option to block virtualization applications, including free desktop and data centre products from VMware, as well as tools from DosBox and Microsoft's Virtual PC 2007. The growing popularity of virtualization tools and the ease with which they can be downloaded means that there is a much greater risk of end-users creating a virtual environment in which to run unauthorized applications, from games to browsers to beta software.
While virtualization can represent real value at this time of increasingly constrained IT budgets, Sophos notes that IT administrators must prioritize management of these virtual desktops, as unmanaged virtual computers can open holes in an organization's security system. However, a recent Sophos poll* has revealed that more than half of all businesses do not know how many employees are running virtualization software on their computers.
"Virtualization tools represent a black hole in many organizations' IT security: if staff are allowed to download these tools and create environments that are completely hidden from IT administrators, it's impossible to defend them against cyber attacks," said Richard Jacobs, chief technology officer at Sophos. "While employees may simply be trying to get round a ban on social networking or using instant messaging at work, doing so in this way poses a real threat. In fact, uncontrolled and unmanaged virtual computers could lead to potentially disastrous consequences, including corporate identity theft, financial losses and embarrassing headlines."
Sophos notes that as more and more employees have considerable IT knowledge, it is vital that businesses have complete visibility of the corporate network. This is especially important given the growth in the number of free virtualization tools on the market. While employees may be downloading them with no malicious intent, the ability to run whatever they choose on their virtual desktop means that the company may be facing cyber risks unbeknown to anyone in the organization. For example, an unauthorized virtual browser may not be up to date with security patches, giving hackers a potential vector of attack, or the user may be running unprotected peer-to-peer (P2P) programs virtually.
To overcome this, Sophos recommends that companies ensure that employees are not only aware of the firm's acceptable usage policy, but that IT staff also have visibility into which applications staff are downloading and using. By effectively managing and securing the virtual environment, businesses can enjoy the benefits of virtualization without the associated risks.
"By enabling organizations to reduce the amount of hardware they need, virtualization can offer real cost-saving benefits, especially important in the public sector," said Antony Barke, senior technical engineer at Basildon and Thurrock University Hospitals NHS Foundation Trust, a Sophos customer. "However, it's essential to secure the virtual environment, just as you would the rest of the corporate network: the same threats exist and this shouldn't be overlooked. With the right security measures, virtual machines are a real asset to the network, rather than a potential liability."
Sophos's application control functionality has proved very popular since its launch in September 2006, and is regularly updated in order to meet concerns resulting from unauthorized use of applications in the enterprise. It is fully integrated into Endpoint Security and Control, requiring no further rollout of new software. It now gives companies the ability to selectively block virtualization tools, browsers, remote connection tools, games, VoIP, P2P, Instant Messaging (IM) and distributed computing applications. It is available free-of-charge to all customers.
* Sophos web poll, 158 respondents, October 2008
Sophos enables enterprises all over the world to secure and control their IT infrastructure. Sophos's network access control, endpoint, web and email solutions simplify security to provide integrated defenses against malware, spyware, intrusions, unwanted applications, spam, policy abuse, data leakage and compliance drift. With over 20 years of experience, Sophos protects over 100 million users in nearly 150 countries with its reliably engineered security solutions and services. Recognized for its high level of customer satisfaction and powerful yet easy-to-use solutions, Sophos has received many industry awards, as well as positive reviews and certifications.
Sophos is headquartered in Boston, US and Oxford, UK.