Is it right for me?
With Virtual Machines being more commonplace today, it is easier to live migrate, backup and replicate these workloads, but this also means that it is easier to seize or modify entire workloads by copying onto a USB or Network drive.
In order to prevent compromised admin accounts, storage or network attacks, local admins gaining access or unauthorised Hosts running workloads you need more than VM encryption; alone, it is not sufficient to protect against these scenarios.
Host Guardian Services (HGS) prevents anyone but authorised VM administrators from accessing data (including restricting VM console access to just authorised sessions), attesting legitimacy of Hyper-V host with certificate of health issued to the host required to start and run VM’s. This prevents scenarios where a VM can be copied off, allowing the attacker to compromise confidential data.