
Virtual Desktop Security

Virtual desktop infrastructure (VDI) technology is becoming increasingly popular for corporate enterprise use. One reason that is cited for the growing use of VDI is increased security. With theft of data reaching epidemic proportions, the idea of an environment that allows data to be processed by employees without ever leaving the data center is appealing. VDI enables the centralization of data storage, processing, and reporting within the data center, obviating the need to move data out of the data center to individual desktop and laptop computers. However, VDI is a new technology, and much is still unknown as to security weaknesses that the technology may present. This paper examines the security threats and benefits inherent in VDI, and considers alternatives for threat mitigation.
Copyright
© Attribution Non-Commercial (BY-NC)

Harvard University Extension School

Special Project for CSCI E-170: Security, Privacy, and Usability

Security Considerations of Virtual Desktops

Author: Robert L. McPherson
Professor: Scott O. Bradner

May 8, 2009
Abstract
Virtual desktop infrastructure (VDI) technology is becoming increasingly popular for corporate enterprise use. One reason that is cited for the growing use of VDI is increased security. With theft of data reaching epidemic proportions, the idea of an environment that allows data to be processed by employees without ever leaving the data center is appealing. VDI enables the centralization of data storage, processing, and reporting within the data center, obviating the need to move data out of the data center to individual desktop and laptop computers.

However, VDI is a new technology, and much is still unknown as to security weaknesses that the technology may present. This paper examines the security threats and benefits inherent in VDI, and considers alternatives for threat mitigation.

Contents
1 Introduction
2 Security Characteristics of Standard Desktop Environments
3 Security Characteristics of VDI
3.1 Security Strengths of VDI
3.2 Security Weaknesses of VDI
4 Measures to Mitigate VDI Threats
4.1 Properly Configure VDI Hypervisor, Operating System, and Applications
4.2 Separate Functionality from Content
4.3 Take Precautions to Secure the Host Environment
4.4 Adapt Security Policies
5 Conclusion

List of Figures
1 Number of Google Search Results for “virtual desktop” Increasing Exponentially
2 Number of Google Search Results Combining “security” with “virtual desktop”

Figure 1: Number of Google Search Results for “virtual desktop” Increasing
Exponentially

1 Introduction
New technologies can solve current computer security issues, but generally open new security vulnerabilities as well. Virtual Desktop Infrastructures (VDI) are no exception. As can be seen in the Google search results in figure 1, the number of searches for the phrase “virtual desktop” has increased exponentially each year since 2000. However, adding the term “security” to the phrase indicates that interest in seeking information on security issues related to virtual desktop technology has increased at a much faster rate than interest in virtual desktops in general.

Figure 2 is logarithmically adjusted, and more clearly illustrates how search results for security related virtual desktop issues have increased at a much faster rate in the last couple of years as compared to results for virtual desktops in general. It appears that there may be an awakening as to the importance of security considerations when dealing with virtual desktop technology. The euphoria has not waned for VDI, but the realities of the new challenges it brings may finally be getting noticed.

Figure 2: Number of Google Search Results Combining “security” with “virtual
desktop”

Ironically, contrary to the apparent increased interest in virtual desktop security, virtual desktops were supposed to provide a more secure environment for data. VDI technology does indeed solve some traditional security challenges inherent with standard desktops. This paper evaluates both the security strengths and vulnerabilities of VDI technology, and explores potential tactics for making VDI environments more secure.

2 Security Characteristics of Standard Desktop Environments
As a basis for comparison, it is useful to examine the security characteristics of a standalone desktop environment. In a corporate configuration, this generally includes desktop and laptop machines connected either physically or virtually to a private network via LAN or WAN. This network provides connectivity to servers for a variety of functions, including file storage, intranet hosting, relational databases, and application services. The most common operating system platform for desktops and laptops is Microsoft Windows, in its various versions. Other operating systems could include several varieties of Linux distributions (e.g., Suse, Ubuntu, Red Hat), Sun Solaris, and different flavors of the Apple Mac OS.

Users of personal computers are a weak link among potential desktop security vulnerabilities. The move from the legacy mainframe environments to desktops and laptops has decentralized control of many important aspects of the protocol stack. This has shifted some of the responsibility for security toward individual users, and away from the data center. A lot is expected of desktop computer users in a corporate environment to keep corporate IT assets safe. For example, users must:

• be trusted to regularly install new operating system patches, and to do it on a timely basis;
• be trusted to utilize corporate firewalls consistently (e.g., avoid browsing the web with a corporate laptop computer on a home network);
• be trusted to take full advantage of antivirus software, and avoid activities that would expose corporate desktops and laptops to malware risks;
• be relied upon to install software updates when necessary (e.g., new browsers, email upgrades, etc.);
• not be careless with email attachments;
• be trusted to avoid reconfiguring their operating system security settings in a manner that would expose the computer and the corporate network to increased and unacceptable security risks (e.g., disable desktop firewall, accept all JavaScript, accept all cookies, etc.);
• be consistent in choosing secure passwords;
• be trusted to avoid or be very cautious with peer-to-peer file sharing;
• be relied upon to back up critical information;
• be trusted to follow company policy regarding the downloading of company data onto local storage media, such as onto internal and external hard drives, thumb drives, DVD, etc.;
• be knowledgeable about what software to avoid that may contain spyware;
• be reliable in locking or turning off the computer when it is not being used. [23]

Of course, virtual desktop environments move responsibility for many of these risks back into the data center. This is one of the major attractions contributing to the growing popularity of virtual desktop infrastructures.

In addition to user-related vulnerabilities of the desktop environment, these issues might be categorized into general classes of vulnerabilities pertaining to the five-layer protocol stack. The traditional five layers are: physical, data-link, network, transport, and application. In general, the lower a security risk exists on the protocol stack, the more vulnerable it tends to be to attacks [24]. The physical layer is considered to be the lowest layer in the five-layer network protocol model. This is partly due to the fact that many applications can be spoofed by attacks on lower layers.

The previous list of user-related vulnerabilities was based on a list of security best practices published by the University of Mississippi’s IT security department. Most of these items can be categorized as being primarily related to the application level. However, since desktops and laptops put access to lower layers, such as physical equipment, closer to users, it is natural to consider additional risks at the physical layer as well. The following are some examples.

Physical Layer
• Lock or turn off computer when not in use

Data-Link Layer
• Deploy and properly configure network address translation (NAT)

Network Layer
• Maintain proper network firewall (might also be categorized as application layer)

Transport Layer

Application Layer
• Install operating system patches
• Maintain proper security settings within operating system, including desktop firewall
• Install software updates
• Careful management of email attachments
• Choose proper passwords
• Careful management of peer-to-peer file sharing
• Backup critical information
• Maintain secure data storage practices
• Avoid software that could contain spyware
The majority of these security measures are concentrated at the application
layer of the protocol stack. VDI technology increases security risks at this layer,
as we will examine later. However, risks are reduced at the lower levels of the
protocol stack, particularly at the physical and data link layers. While the
variety of security measures identified here may appear to be fewer, the risks
at this layer can be greater. This is due to the fact that whoever controls the
physical and data link layers of the protocol stack may also have greater access
to the higher layers. Centralizing access to the physical and data layers to a
data center location can provide greater control and consistency over securing
these lower layer vulnerabilities.

3 Security Characteristics of VDI
While VDI technology can increase security by centralizing control away from users and into the data center, the technology does little to increase security at the application layer. In fact, as we shall see, VDI can actually increase exposure to attacks at the application layer. There are many such trade-offs, and it is not so straightforward to determine whether the benefits outweigh the risks. The strengths and weaknesses of a VDI deployment will have varying degrees of significance based on many factors unique to each organization. Some examples of strengths and weaknesses of VDI follow.

3.1 Security Strengths of VDI
May Offer Improved Recovery from Attacks
A successful attack on a traditional desktop environment can require a great deal of effort to clean up. Measures must be taken to fix the problem on each individual desktop computer. Administrators can set up automated processes, use remote login, or make personal on-site visits to each computer to remedy the issue.

With virtual technology, it can be much easier, and take far fewer resources, to recover from such an attack. For example, if any virtual desktops are infected with a virus, worm, trojan, or other malware, an administrator may merely need to reimage the virtual machines from a central location overnight. The degree of control administrators have over virtual machines, and the centralized nature of these environments, may speed response to and recovery from such attacks, and reduce the costs. [1]

Easier for Enterprise IT Departments to Control Applications
Since virtual desktops can be restored immediately, enterprises can better ensure compliance with application policies. If unapproved software gets loaded on a virtual desktop, a fresh version of the desktop can be installed to replace it very quickly. It is much more difficult, by comparison, to deal with such issues on decentralized, physical desktops. [6]

Decentralized, physical desktop environments can also lead to vulnerabilities resulting from improperly configured applications, such as server software. While virtual servers serve a different function than virtual desktops, many of the benefits are the same. It is difficult to maintain decentralized servers to the same degree of security as is possible in a centralized data center. Maintaining secure server environments is critical to maintaining secure virtual desktop infrastructures. [16]

Helps Ensure Compliance with Legal Requirements
Centralized control of desktop infrastructure can also facilitate compliance with legal requirements. For example, Sarbanes-Oxley, HIPAA, and industry related laws have very specific requirements as to what data can be stored, how it should be handled and protected, as well as how long the data must be retained. These often complex requirements can be complied with more consistently if desktops, servers, databases, and other related systems infrastructure components are maintained in a centralized data center through virtualization. [3]

Fewer Drivers Can Lead to Fewer Attack Surfaces
A virtual desktop environment could more tightly control the variety and number of required third-party drivers. This could have the effect of reducing the number of attack surfaces available [13]. However, security experts debate whether the attack surface area is reduced, or actually increased due to additional applications and complexity inherent in virtual environments. More on this issue will be discussed later.

Additionally, there are fewer points of entry for attacks to penetrate the VDI
environment [13]. Rather than having many decentralized physical desktops,
any of which can be an entry point for an attack, virtual desktops have a limited
number of entry points into the data center to contend with. Data centers
typically have a much greater opportunity to control, monitor, and protect
entry points than do individual users of desktops.

Summary of Benefits of VDI
Following is an itemized review of the benefits of VDI, along with a few others as well.

• Centralized client OS management
• Rapid client deployment
• Reduction in desktop support costs
• Reduction in electricity costs, as thin client computers use only a fraction of the energy that is used by a desktop computer
• Improved data security
• Secure remote access, as most connection brokers offer an SSL VPN component and web portal
• Compliance with HIPAA and Sarbanes-Oxley (SOX)
• Fewer application compatibility problems than with Terminal Server and Citrix, as users have their own, single-user OS

The benefits of virtual environments are sometimes promoted to the exclusion of a forthright discussion of the challenges this relatively new technology can present. Vendors sometimes add to the confusion, as their public relations stories may overstate the case. The following quote from Jeff Hibbard, vice president of marketing at the virtual technology vendor, Ardence, serves as an example.

Virtual desktops are game changing in terms of improved security, lower administration costs and increased business. VMware’s Virtual Desktop Infrastructure Alliance is creating the ecosystem necessary to deliver the right desktop, to the right person, to do the right job, at the right time. [4]

While there are clearly advantages to VDI technology, it does present new
security vulnerabilities that VDI vendors may not be quick to highlight.

3.2 Security Weaknesses of VDI
Whenever complexity is added to a system, new security vulnerabilities are often introduced as well. Virtualization technology is no exception. Some argue that security weaknesses have been a barrier to growth of virtualization technology in general, and that new security products and architectures must be developed. The topology of virtual environments is so unique that traditional security measures are not up to the task. [2]

Complexity Brings Vulnerabilities
The added complexity of virtual environments can also lead to an increased possibility for configuration errors that can lead to security breaches. Virtual configurations require that special attention be given to securing the hypervisor, an application required for controlling and managing virtual machines. [7]

If not properly configured or secured, the hypervisor can present a new plane of attack that does not exist in traditional desktop environments. For instance, it has been suggested that a successful attack could be made against a virtual configuration by swamping the interface between the guest software and the hypervisor with random data [14]. Although there are no public reports of such a breach of an actual virtual environment, a hypervisor was reported to have been vulnerable to a staged attack at the Black Hat 2008 event, by Invisible Things Lab. [10]

Malware Can Also Infect Virtual Machines
Virtual desktops are potentially vulnerable to the same malware attacks and operating system vulnerabilities as any ordinary desktop would be. In fact, all of the vulnerabilities listed previously in regard to traditional desktop environments apply to virtual desktops as well. The primary difference is that virtual environments provide an opportunity for better coordinated, centralized control over these vulnerabilities.

Layered, security-in-depth measures can protect virtual environments. However, each of these layers can still be attacked. It is likely that as virtual environments become more common, malware will be designed to escape from a virtual layer, onto the operating system. Additionally, while virtual layers can offer improved security, they can also provide innovative attackers with new attack vectors. [13]

In short, it is not correct to think of virtual environments as providing a secure, failsafe barrier between users and host systems, as some may be prone to imagine. The hypervisor inherent in virtual environments simply adds another layer of software between the host environments and attackers. Of course, it is possible to breach the hypervisor software, just as it is possible to engineer a breach of any other software. [7]

Centralization in Data Center Also Concentrates Risk
Although centralized virtual systems offer the potential for greater control, they can also make it easier to access and attack a greater number of systems in a single attack, once the virtual environment has been compromised. Although physical desktop systems may be lacking in control over the many individual users and units scattered about, the decentralized nature of physical desktop environments may reduce the number of desktops that may be compromised in a single attack.¹

The source of the attack could be internal or external. The risk of an internal
attack may be greater with virtual environments, due to the enormous amount
of control that administrators and other internal staff may have over virtual sys-
tems. External attacks can compromise the applications and operating systems
of virtual desktops in the same manner as physical desktops, once the virtual
platform has been compromised. However, having all the virtual desktops shar-
ing the same physical network in a centralized data center could allow for faster
spreading of attacks, such as worms and other malware.

Risk of Rogue VDI Clients
End-point client software is usually required in VDI environments, so as to communicate with the server side of the system, and to authenticate users. However, many of these clients are interoperable with each other. For example, the VMware VMC client can operate with the Microsoft RDP client. Some clients, such as from VMware, are free software, and are readily available for download on the internet. This could make it easier for an attacker to set up a rogue client. [6]

Increased Number of Attack Surfaces
It has been argued that the hypervisor adds to the potential attack surface of virtual environments [13]. On the other hand, as previously noted, the attack surface may be reduced by the fact that virtual environments afford greater control over drivers, and require fewer drivers in general. The net effect is that it remains debatable as to whether virtual environments truly have fewer attack surfaces than physical desktop environments. It is certain, however, that the nature of the attack surfaces is quite different for virtual desktops, and they require different security policies and protective measures.

Of course, the risks discussed in this section do not comprise a comprehensive list of the possibilities. One might conclude, therefore, that with all these potential risks, it may not be worthwhile to consider implementing VDI. Indeed, as was pointed out, there appears to have been a dramatic increase in interest in the topic of security in relation to virtual desktop environments, based on the number of Google references on the subject.

Footnote 1: It may not always be true that physical desktops limit the number of environments that may be compromised in a single attack. This would also depend upon the nature of the attack. For example, certain worms may be successful in infecting most machines on a compromised network, whether the machines are virtual or physical.

Yet, with all the apparent concern and potential threats, there is a lack of publicised successful and significant attacks. Of course, the technology is new, and it would seem inevitable that there will be attacks as the technology grows in popularity. Therefore, it can only be a healthy thing that there is an increasing amount of attention toward ensuring that VDI and other virtual environments remain secure. [10]

4 Measures to Mitigate VDI Threats
Burton Group’s “Five Immutable Laws of Virtualization”
The Burton Group’s “Five Immutable Laws of Virtualization” are observations regarding security characteristics of virtual computing environments. They are useful for evaluating the security trade-offs involved in deploying a VDI. They also help to summarize some of the main vulnerabilities discussed in the previous section, and can serve as a framework for considering mitigative measures as well. In paraphrased form, the five laws may be expressed as follows.

1. Virtual systems are vulnerable to the same attacks against operating systems and applications as physical systems.
2. All things being equal in regard to operating systems, applications, and configuration, a virtual system has a larger attack surface than its physical counterpart, due to the additional hypervisor layer.
3. By separating functionality and content, virtual machines can be more secure than physical systems.
4. Risk is increased when the functions, resources, and processes share the same physical platform and memory (counterpart to the previous point, 3).
5. Risk is higher for a “trusted” virtual machine on an “untrusted host”, as compared to having an “untrusted” virtual machine on a “trusted” host.
[12]

4.1 Properly Configure VDI Hypervisor, Operating System, and Applications
It has been pointed out that the hypervisor presents an interesting paradox. The Burton Group’s “Five Immutable Laws of Virtualization” suggest that the increased complexity of virtualization brings with it increased security risk. However, the improved separation provided by virtualization reduces risk at the same time. This may appear to be a wash, with one aspect offsetting the other. However, the tipping point as to whether a virtual environment is more secure or less secure than a traditional physical environment may well be determined by how the virtual environment is configured, particularly regarding the hypervisor [10]. Securing the hypervisor also includes following best practices regarding restricting and monitoring who has access, authentication, firewall protection, controlling access points, as well as following manufacturer recommendations regarding proper hypervisor configuration.

All of the traditional desktop user responsibilities mentioned previously apply to virtual environments as well. The main difference, of course, is that it is up to the administrator to assure that these responsibilities are carried out to ensure a secure virtual desktop environment. For example, all operating system and application patches must be updated on a timely basis, virus scan and malware detection must be performed regularly, password best practices must be implemented, and so on.

It is also important to install systems to assure that VDI installations have not been adversely altered. VDI implementations can be restored quickly if such alterations have been found. But, there must exist the means within the host environment to detect and restore the original image of the operating system and applications as needed. [14]

4.2 Separate Functionality from Content
A common and effective way to separate functionality from content is to separate data from applications that utilize the data. If an application is compromised, it is imperative that the data be unaffected. Also, if it becomes necessary to reimage a machine back to a previous, non-compromised state, this separation can help avoid losing newly collected data (i.e., since the last image was created).
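
One way to implement the image check called for in section 4.1, combined with the data/application separation described above, is sketched here. It is an added example, not code from the paper or from any VDI product: the directory layout, the `userdata/` prefix and all function names are assumptions, and the file trees are constructed sample data.

```python
import hashlib
import os
import tempfile


def build_manifest(root):
    """Map each file path (relative to root) to the SHA-256 of its contents."""
    manifest = {}
    for dirpath, _dirnames, filenames in os.walk(root):
        for name in filenames:
            full = os.path.join(dirpath, name)
            digest = hashlib.sha256()
            with open(full, "rb") as fh:
                for chunk in iter(lambda: fh.read(65536), b""):
                    digest.update(chunk)
            rel = os.path.relpath(full, root).replace(os.sep, "/")
            manifest[rel] = digest.hexdigest()
    return manifest


def diff_manifests(baseline, current, volatile_prefixes=()):
    """Report drift of a desktop from the golden image.

    Paths under volatile_prefixes hold user content that is kept apart
    from the image (section 4.2), so changes there are not drift.
    """
    def volatile(path):
        return any(path.startswith(prefix) for prefix in volatile_prefixes)

    return {
        "added": sorted(p for p in current
                        if p not in baseline and not volatile(p)),
        "removed": sorted(p for p in baseline
                          if p not in current and not volatile(p)),
        "modified": sorted(p for p in current
                           if p in baseline and baseline[p] != current[p]
                           and not volatile(p)),
    }


def needs_reimage(drift):
    """Any unexplained difference from the golden image warrants a restore."""
    return any(drift.values())


def _write(root, rel, data):
    path = os.path.join(root, *rel.split("/"))
    os.makedirs(os.path.dirname(path), exist_ok=True)
    with open(path, "wb") as fh:
        fh.write(data)


def demo():
    """Constructed sample: a golden image and one altered virtual desktop."""
    with tempfile.TemporaryDirectory() as tmp:
        golden = os.path.join(tmp, "golden")
        desktop = os.path.join(tmp, "desktop-017")  # hypothetical desktop name
        image_files = {
            "system/kernel.bin": b"kernel v1",
            "apps/office.bin": b"office v1",
            "apps/browser.bin": b"browser v1",
        }
        for root in (golden, desktop):
            for rel, data in image_files.items():
                _write(root, rel, data)

        # Alterations on the desktop since it was deployed from the image.
        _write(desktop, "apps/browser.bin", b"browser v1, tampered")
        _write(desktop, "apps/p2p-share.bin", b"unapproved software")
        os.remove(os.path.join(desktop, "apps", "office.bin"))
        _write(desktop, "userdata/report.doc", b"work since last image")

        return diff_manifests(build_manifest(golden),
                              build_manifest(desktop),
                              volatile_prefixes=("userdata/",))


if __name__ == "__main__":
    drift = demo()
    for kind, paths in drift.items():
        for path in paths:
            print(f"{kind}: {path}")
    print("reimage required:", needs_reimage(drift))
```

In practice the baseline manifest would be stored and checked from the host side, outside the desktop being measured, so that a compromised guest cannot rewrite it.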

Another common way to separate functionality is to create separate virtual environments for different functional operations within an organization, such that they do not share the same memory resources. Additionally, applications may be split off into their own virtual machines, based on the type of functionality that they provide. For example, virtual sandboxes may be created to test new software. Or, separation may be useful for setting up honeypots for detecting and tracking attack attempts. [18]

In general, it is important to spread risk, by distributing servers and VDI environments on a number of hosts. Putting everything on one host should be avoided. [25]

4.3 Take Precautions to Secure the Host Environment
Administrators must make sure the host environment is secure. As pointed out in the Burton Group’s five laws of virtualization, it is more important to have a trusted host, than a trusted virtual environment. This concept is congruous with the general principle that vulnerabilities that are further down the protocol stack are a greater security risk. Virtual environments do not reduce the need for security measures to protect data center components, such as physical servers, network routers and switches, server software, the physical data center itself, and all other security issues a data center would need to confront. If anything, consolidating all desktops into the data center should be cause to increase the level of security for all aspects of the data center where a VDI may be hosted.

4.4 Adapt Security Policies
Security policies of an organization must be updated to be consistent with new virtualization technology. For example, it should be clear to employees as to who is allowed to access the virtual environment. Access should never be shared, especially with unauthorized persons. Also, restrictions may need to be placed as to installation of software on client machines, especially in regard to potential rogue virtual clients, or rogue hypervisors. There are many potential policy aspects that should be considered. The main point here is to be sure to analyze all threats presented by a VDI, and adapt organizational security policies accordingly.

5 Conclusion
There are a number of security trade-offs and paradoxes related to the implementation of virtual environments. It cannot be concluded with any certainty that virtual environments are inherently more or less secure than traditional physical environments. However, virtual environments are certainly not a cure-all for security concerns, as some vendors seem to advertise.

On the other hand, implementing virtual environments does not appear to automatically open the floodgates to attacks either. The apparent increased attention to security issues related to virtual desktop infrastructures on the web does not appear to be related to actual incidents of security breaches. There is little evidence of significant breaches occurring, at least at this relatively early stage of the technology. Rather, it may simply be that awareness of security is finally catching up with the popularity of new virtual technologies. That, of course, would be a good thing, as it is generally best to be proactive.

Indeed, it seems that the best assurance of a secure systems environment is to deploy pre-emptive and proactive security best practices. The same can be said to be true of virtual desktop environments, or any virtual environment. If careful measures are taken to secure VDI systems, they can indeed be safer than traditional desktops. If not, however, then virtualization may offer no added protection, and may create an even more damageable target by concentrating risk.

References
[1] AttackingAndDefendingVirtualEnvironments.pdf.
[2] Catbird - our services - V-Agent. http://www2.catbird.com/corp/vagent s.php?IsGoogle=1& kk=virtual%
78b5-40e8-9c99-d39f98a79b0c&gclid=CPitmsvZxJkCFc5L5QodZ1kMtg.
[3] Virtual desktop infrastructure (VDI) overview. http://www.msterminalservices.org/articles/Virtual-Desktop-Infrastructure-Overview.html.
[4] VMware announces virtual desktop infrastructure alliance - VMware. http://www.vmware.com/company/news/releases/vdi.html.
[5] MXI security and unisys collaborate on secure USB consolidated virtual desktop solution | reuters. http://www.reuters.com/article/pressRelease/idUS146215+03-Feb-2009+BW20090203, February 2009.
[6] RedCannon: solutions: Securing virtual desktop initiatives. http://www.redcannon.com/solutions/vdi.html, 2009.
[7] Donna Bogatin. Google: Beware virtualization, GreenBorder NO security panacea | digital markets | ZDNet.com. http://blogs.zdnet.com/micro-markets/?p=1454, May 2007.
[8] Mark W. Bortle. Beware of hidden costs in server consolidation or virtualization. http://searchsystemschannel.techtarget.com/tip/0,289483,sid99 gci1337253,00.html, October 2008.
[9] CIO Canada. Beware the rogue employee > security products, practices and infrastructure > security. http://www.itworldcanada.com/Pages/Docbase/ViewArticle.aspx?title=&ID=idgml-965e5eee-d673-4bb0-92db-9e6a2270acd0&lid=, March 2008.
[10] Maxwell Cooter. Users warned of virtualization’s ’dark side’. http://www.computerworld.com/action/article.do?command=viewArticleBasic&articleId=9131353&sour April 2009.
[11] David Doane. Today’s tip shoring up security with a virtual desktop - BusinessWeek. http://www.businessweek.com/smallbiz/tips/archives/2007/07/shoring up secu.html, July 2009.
[12] On-Demand Enterprise. On-Demand enterprise: Five immutable laws of virtualization security. http://www.on-demandenterprise.com/offthewire/26057424.html, 2008.
[13] Tom Espiner. Security expert: Beware virtualisation in 2008 - ZDNet.co.uk. http://news.zdnet.co.uk/security/0,1000000189,39290926,00.htm, November 2007.
[14] Tom Espiner. Virtualisation vendors warn of security challenges - ZDNet.co.uk. http://news.zdnet.co.uk/security/0,1000000189,39386015,00.htm, April 2008.
[15] Edward L. Haletky. VMware ESX host security: Using TCP wrappers, PAM and iptables for defense in depth. http://searchvmware.techtarget.com/tip/0,289483,sid179 gci1343951,00.html, 2009.
[16] Miya Knights. Reinsurer cuts costs with virtual desktop strategy | IT PRO. http://www.itpro.co.uk/171897/reinsurer-cuts-costs-with-virtual-desktop-strategy, February 2008.
[17] Markus G. Kuhn and Ross J. Anderson. Soft tempest: Hidden data transmission using electromagnetic emanations. http://www.cl.cam.ac.uk/~mgk25/ih98-tempest.pdf, 1998.
[18] Pete Lindstrom. Attacking and defending virtual environments, 2008.
[19] Brian Madden. When to use VDI, when to use server-based computing, and how the citrix ardence dynamic desktop fits into all this - brian madden - BrianMadden.com. http://www.brianmadden.com/blogs/brianmadden/archive/2007/03/14/when-to-use-vdi-when-to-use-server-based-computing-and-how-the-citrix-ardence-dynamic-desktop-fits-into-all-this.aspx, March 2007.
[20] Brian Madden. How VMware is misleading everyone about the cost savings of VDI - brian madden - BrianMadden.com. http://www.brianmadden.com/blogs/brianmadden/archive/2009/02/23/how-vmware-is-misleading-everyone-about-the-cost-savings-of-vdi.aspx, February 2009.
[21] Eric Maiwald. Protecting information in hostile environments. http://srmsblog.burtongroup.com//.
[22] Timothy Prickett Morgan. SAS schemes $70m biz analytics cloud the register. http://www.theregister.co.uk/2009/03/20/sas builds own cloud/, March 2009.
[23] The University of Mississippi Information Technology Security. Desktop security best practices. http://itsecurity.olemiss.edu/BestPractices.htm.
[24] Mark Tordoff. Burton group identifies the five immutable laws of virtualization security. http://it.toolbox.com/blogs/security-compliance/burton-group-identifies-the-five-immutable-laws-of-virtualization-security-21699, 2008.
[25] Vivian Yeo. Virtualisation ’next frontier’ for hackers - ZDNet.co.uk. http://news.zdnet.co.uk/security/0,1000000189,39523006,00.htm, October 2008.
