The following principles are fundamental to using any application securely.

• Keep software up-to-date. One of the principles of good security practise is to keep all software versions and patches up-to-date. Activate the update notification to get notified when a new release is available. When updating , do not forget to update the Guest Additions. Keep the host operating system as well as the guest operating system up-to-date.

• Restrict network access to critical services. Use proper means, for instance a firewall, to protect your computer and your guests from accesses from the outside. Choosing the proper networking mode for VMs helps to separate host networking from the guest and vice versa.

• Follow the principle of least privilege. The principle of least privilege states that users should be given the least amount of privilege necessary to perform their jobs. Always execute as a regular user. We strongly discourage anyone from executing with system privileges.

  Choose restrictive permissions when creating configuration files, for instance when creating /etc/default/virtualbox, see Automatic Installation Options. Mode 0600 is preferred.

• Monitor system activity. System security builds on three pillars: good security protocols, proper system configuration and system monitoring. Auditing and reviewing audit records address the third requirement. Each component within a system has some degree of monitoring capability. Follow audit advice in this document and regularly monitor audit records.

• Keep up-to-date on latest security information. Oracle continually improves its software and documentation. Check this note yearly for revisions.