Introduction
The proliferation of Virtual Machines (VM) has promoted a lack of security in many instances as well as oversight, especially in cases of development or test lab scenarios. Much of the blame can be placed on the ease with which a VM can be brought online and made functional with a variety of capabilities. The term sprawl has been used to describe the state of many virtualization projects; that extends to private cloud scenarios as well.
The ease with which a VM can be provisioned is the heart of the problem when we consider the security surrounding the guest operating system. Each guest VM and its encapsulated operating system is analogous to a physical workstation or server being set up and deployed in a production, business, or test lab environment. Due to the perception of users and some administrators that these VMs are free when it comes to physical resources and even software licenses, in some cases, attention is not given to the proper security of the VM as it relates...
