1. Field of the Invention
Embodiments of the present invention generally relate to computer systems and more particularly to a method and apparatus for protecting sensitive information from disclosure through virtual machine files.
2. Description of the Related Art
Conventional computing environments may utilize a number of technologies to process, produce and secure mission critical data for various organizations (e.g., hospitals, government agencies, private companies and/or the like). The mission critical data includes information characterized by various degrees of sensitivity, such as intellectual property, customer data, medical histories, financial records, purchase orders, legal documents, privileged and/or confidential information, medical records, social security numbers, addresses, pictures, documents, contacts, and/or the like. For example, a legal brief that contains a victim's name is very sensitive until the legal brief is filed, at which point the victim's name is public knowledge.
In order to prevent accidental and/or intentional disclosures of the mission critical data, these conventional computing environments may employ data loss prevention (DLP) technologies to monitor and control data communications between computing devices such that sensitive information is retained within a specific group (e.g., Board of Directors). For example, DLP agents (i.e., software modules) may be installed on workstations (e.g., computers that are connected to a server, such as an email server, for use by end users) to prevent transmission of sensitive information through email, the Internet and/or removable data storage (e.g., flash memory). An administrator typically installs and pre-configures the DLP agents on the client computers before deployment.
Unfortunately, the DLP technologies are limited to preventing disclosure of the sensitive information from these pre-configured client computers. Since virtual machines may be instantiated by end users and hosted on any computer, the DLP agents cannot be configured on these virtual machines in real time. In fact, the administrator may not realize that such virtual machines are being hosted. Furthermore, various files that form an image of a virtual machine cannot be scanned for the sensitive information by the DLP technologies. For example, the DLP technologies are unable to scan a virtual disk when an associated virtual machine is currently in operation.
Hence, the virtual machine files (e.g., virtual disks and/or snapshots) must be provisioned offline, which reduces productivity, increases costs and wastes valuable computer resources. As a consequence, the sensitive information may be disclosed at any point in time before or after the virtual machines are brought online. For example, a disgruntled employee may purposefully transmit social security numbers through encrypted communication protocols (e.g., HTTPS, secure instant message (IM) and/or the like) supported by the virtual machines, which bypasses any type of DLP technology employed at a host computer or any network device (e.g., a gateway).
Because the virtual machine files may be freely transported by the end users, these DLP technologies are unable to prevent data loss on one or more virtual machines that are hosted without administrator control. There are many reasons for these end users to desire mobility. For example, salespeople and information technology support employees transfer copies of virtual machine files to laptops in order to demonstrate working products to prospective customers. As another example, a software engineer may copy the virtual machine files to a home desktop computer such that a software program may be executed and tested on the virtual machine. Permitting end users to host the one or more virtual machines on remote computers (e.g., personal laptops) may reduce operational costs and labor expenses.
Therefore, there is a need in the art for a method and apparatus for protecting sensitive information from disclosure through virtual machine files.