As long as you don't join the Active Directory domain, then anyone, including network administrators, are subject to the same security rules, firewalls, and restrictions that anyone else is. If you're worried about them snooping around, then make sure to mark the network as a 'Public' network when you connect and not a 'Work' or 'Home' network - this will set the Windows Firewall in it's most restrictive mode. Also, make sure your file sharing requires a password if it's enabled, and this is good security practice whether you are at home, at a coffee shop, or at work.
The only reason the network admins have access to work computers is because they have been joined to the AD domain, which tells Windows to authenticate against the AD server instead of the local users on that system. As long as the admin doesn't come around and sit down at your computer locally or otherwise already have administrator access, he or she cannot add it to the AD domain.
You might want to check with your corporate security policy also, as some companies forbid bringing in flash drives or computers which they can't control or don't have antivirus for security purposes - They don't want a virus getting in and compromising their network.
Aside from admin access on the computer itself, remember that they'll have the ability to see any network traffic into or out of your machine whether it's from a VM or not. Your protection against this is to connect via VPN to another network (home or 3rd party provider) or use https sites whereever possible. – Doug Harris – 2010-06-02T17:12:20.480
Watch out for any applications you have to download like Cisco Clean Access or whatever it's called. They can scan for updates, but also could do whatever (since they are an executable on your system). – Daisetsu – 2010-06-03T00:50:44.810