Data Safer in VM?

This is a purely hypothetical question.

If sensitive data were stored in a virtual machine and was never present on the host system, so that it only ever existed within the virtual drive, is that data still written to the hard drive on which the virtual machine is stored, in a way that it could be recovered on its own, for example as a .doc file, without the need to recover the entire virtual drive?

I was just curious as to whether it would be safer to store sensitive data on a virtual machine, because if you were to delete the virtual drive (and I mean something like a 35-pass Gutmann file shred) then all (if anything) that could be recovered are bits and pieces of a virtual drive, rendering the data within it completely unrecoverable, because (to my knowledge) you'd need to recover the entire drive file (e.g. *.vmdk) just to recover the data within it, almost like when you have a corrupted archive you can't extract, because you need the entire, unbroken file to access the data within it.

Anyone know if this is the case?

 

KloWn

If the virtual drive isn't encrypted then I would think it would be fairly trivial to recover files from it. The actual data will still be there in plain text, so you wouldn't have to have the whole virtual drive to recover a file. If you're worried about security then you're much better off using an encrypted volume with TrueCrypt or something like that.

Most virtual disk mounting software can mount, again, most virtual disk images, where it shall be presented to the host system as another storage device. As Dexter says, if the data is not encrypted it shall be human readable.

Would it be enough to encrypt the drive from within the virtual operating system, or would the drive on the host system also need to be encrypted?

 

Well, it depends on your level of Tin Foil Hat. Encryption usually deters people from trying, but those who want to look will. If you use strong encryption on the virtual OS, then it'll be strong. Having encryption on the host as well will further increase the time required to get access to that information.
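The point made in the replies above, that an unencrypted virtual disk exposes guest files even when only part of the image survives, shown as an added example that is not from any poster in this thread. It assumes a flat (preallocated) image that stores guest sectors as-is; the sample document, the sector numbers and the hash-based keystream (a stand-in for real in-guest volume encryption, not a cipher to use) are all constructed for illustration.

```python
import hashlib

SECTOR = 512
# Constructed sample "document" with a PDF-style header and trailer.
DOC = b"%PDF-1.4\nCONSTRUCTED SAMPLE: not real data\n%%EOF"

def build_flat_image(doc, sectors=64, doc_sector=40):
    """Constructed flat virtual disk: zeroed sectors with one file stored raw."""
    img = bytearray(sectors * SECTOR)
    start = doc_sector * SECTOR
    img[start:start + len(doc)] = doc
    return bytes(img)

def keystream_xor(data, key):
    """Stand-in for in-guest volume encryption (assumption: illustration only)."""
    out = bytearray()
    for block in range(0, len(data), 32):
        pad = hashlib.sha256(key + block.to_bytes(8, "big")).digest()
        out += bytes(a ^ b for a, b in zip(data[block:block + 32], pad))
    return bytes(out)

def surviving_fragment(image, first=30, last=50):
    """Simulate recovering only some sectors of a deleted image file."""
    return image[first * SECTOR:last * SECTOR]

def carve(fragment, header=b"%PDF-", footer=b"%%EOF"):
    """Signature-based carving: needs no partition table, filesystem or whole image."""
    found, pos = [], 0
    while (start := fragment.find(header, pos)) != -1:
        end = fragment.find(footer, start)
        if end == -1:
            break
        found.append(fragment[start:end + len(footer)])
        pos = end + len(footer)
    return found

def demo():
    plain = build_flat_image(DOC)
    encrypted = keystream_xor(plain, b"constructed-key")
    return carve(surviving_fragment(plain)), carve(surviving_fragment(encrypted))

if __name__ == "__main__":
    in_clear, in_cipher = demo()
    print("carved from unencrypted fragment:", in_clear)
    print("carved from encrypted fragment:  ", in_cipher)
```

The unencrypted fragment yields the whole document from 20 of the 64 sectors, while the encrypted fragment yields nothing to carve, which is why encrypting inside the guest matters more than how the image file is deleted.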