I've moved from a job where developers were encouraged to use technologies like docker and vagrant to create VM's on their workstations for testing and development.
At my new job, the IT manager insists that allowing a user to create a VM will compromise the security of the entire company. I know of many companies (like puppetlabs, and opscode) that allow vagrant and docker inside their company.
In what ways would allowing users to create VM's increase risk?
Is there a way to allow VMs that minimizes risk? (Perhaps use approved images)
Update
Primarily focused on the risk of allowing full virtualization on workstations (virtualbox, vagrant, hyper-v, kvm)