Microsoft: Why use shielded VMs for your privileged access workstation (PAW) solution?
It’s great to see customers trying out PAWs and it’s generating a lot of great questions. Many questions are related to shielded VMs so I’d like to focus this blog post on sharing our reasoning for building the PAW solution on shielded VMs.
Running virtual machines (VMs) on Windows client is not new, but running a shielded VM on Windows client is. The ability to run shielded VMs on client was introduced in the Windows 10 1709 release. There are many security considerations built into shielded VMs, from secure provisioning to protecting data at rest. As part of the PAW solution, the privileged access workload gains additional security protections by running inside a shielded VM.
There are tons of documents and videos on TechNet about shielded VMs; this is a good starting point. Note that this blog post is not intended to repeat that content, but rather to focus on the use of shielded VMs from the PAW perspective.
So why shielded VMs?
There are two aspects to this question:
Read the entire article here, Why use shielded VMs for your privileged access workstation (PAW) solution? – Datacenter and Private Cloud Security Blog
Via the fine folks at Microsoft.