Virtualisation technology is now prevalent at all layers in modern computing, frequently operating behind the scenes transparent to the end user. This is the technology that is driving the cloud computing revolution, providing access to resources and applications across global networks and multitudes of operating platforms. Gartner report that “more than 80 percent of enterprises now have a virtualization program or project. … Virtualization will continue as the highest-impact issue challenging infrastructure and operations through 2015, changing how you manage, how and what you buy, how you deploy” (Sep 2010). And “Through 2012, 60 percent of virtualized servers will be less secure than the physical servers they replace” (March 2010) With the broad adoption of this technology, organisations must determine how the integrity of their systems can be maintained where physical boundaries no longer exist. While this is important to all entities, those operating in more regulated industries will need to demonstrate their compliance with standards which is far more complicated where systems have been virtualised. Of particular importance is the concept of mixed-mode - workloads operating under significantly different trust levels – where the appropriateness of virtualisation should be carefully considered. The primary concern of such implementations is that a system operating at a lower level of trust could be used as a launch pad for an attack on other more trusted systems. Mixed-mode is ubiquitous in hosted solutions and prevalent across internal systems as well.