Elevating security with virtualisation

By Anton Scott.

Major operating systems such as Windows, Mac and Linux have never been as secure as some may believe them to be. As with any system, the main point of vulnerability is often the user; opening the wrong link/attachment, vising the wrong site, and installing suspicious software can open the floodgates for malware. These are all examples that a non-aware user can fall prey to, and in a world of growing cyber-threats, individuals & companies alike must take more precautions to avoid being targeted and taken advantage of.

Virtualisation is becoming a standard for many corporations as it provides an extra, solidified layer of defence in the event of a breach. Whilst most files or programs you open will run on your “Host” machine, virtualisation provides an isolated bubble for your OS to run in, by dedicating sectors of your hardware to create a virtual machine (VM).

Containment

This is a highly effective method of elevating your device’s security as any rogue programs running on the system will be limited to and only to the virtualised environment. Take this analogy for example. When a virus invades your body, your immune system triggers a response for white blood cells to encapsulate and isolate the foreign entity in order to prevent the spread and further damage the virus could cause to your body. This is exactly the case in the event of a virus, worm or type of malware infecting your computer system; The threat is contained within the VM and can therefore not spread or damage your host machine, which may contain your important files & personal data.

Resilience

VM’s also provide a convenient feature called “snapshotting”, where the state of the system can essentially be saved at any chosen time (known as taking a snapshot), then restored to a previous snapshot when required. This is specifically useful following a mishap such as a system failure or type of breach, as the machine can be reverted to its last known working state. Your presets & files will remain intact and your future self will thank you for it.

Privacy

Furthermore, if you are concerned with the growing issue of your online data being collected and sold by devious conglomerates (a sad but inevitable truth), you may be able to put your mind at ease by utilising a VM. “Fingerprinting” or “profiling” is a common way in which services online tie your devices and data to your identity and is used to predict your online habits, log your preferences and recommend you products/services. An entire online profile is built uniquely for you, hence the name “fingerprinting”.  Although quite impossible to avoid once you already have an online presence, operating systems like ’Whonix’ can run in a VM to promote anonymity online by relaying your network traffic through anonymous networks such as Tor.

Such setups require time to configure but can be useful if you’re serious about masking your identity online & giving a middle finger to the prying data harvesters. Ultimately, VMs are very practical systems which can offer the everyday user an elevated level of security which in turn can promote ease of mind. They are not compulsory by any means, but the growing use of them is a step in the right direction to limiting the damage caused by cyber-threats. And of course, it always helps to remember – if you protect your system, you protect yourself.