Method and end device for securely inputting access code
US-2015371050-A1 · Dec 24, 2015 · US
US9804866B2 · US · B2
| Field | Value |
|---|---|
| Publication number | US-9804866-B2 |
| Application number | US-96809110-A |
| Country | US |
| Kind code | B2 |
| Filing date | Dec 14, 2010 |
| Priority date | Dec 14, 2009 |
| Publication date | Oct 31, 2017 |
| Grant date | Oct 31, 2017 |
Official abstract text for this publication.
The methods and systems described herein provide for securing sensitive information using a hypervisor-trusted client, in a computing device executing a hypervisor hosting a control virtual machine and a non-trusted virtual machine. A user of a non-trusted virtual machine requests to establish a connection to a remote computing device. Responsive to the request, a control virtual machine launches a client agent. A graphics manager executed by the processor of the computing device assigns a secure section of a memory of a graphics processing unit of the computing device to the client agent. The graphics manager renders graphical data generated by the client agent to the secure section of the graphics processing unit memory.
Opening claim text (preview).
What is claimed:

1. In a computing device executing a hypervisor hosting a control virtual machine and a non-trusted virtual machine, a method for securing information using a hypervisor-trusted client, comprising: executing, by a hypervisor, a control virtual machine; requesting, by a user of a non-trusted virtual machine executed by a processor of a computing device, to establish a connection to a remote computing device, wherein the non-trusted virtual machine is identified as non-trusted and not authorized to access the remote computing device based on an analysis of at least one of security credentials and access credentials of the non-trusted virtual machine; launching, by the control virtual machine executed by the processor of the computing device, a client agent, responsive to the request, the client agent authorized to access the remote computing device, wherein launching the client agent comprises creating an instance of the client agent; assigning, by a graphics manager executed by the processor of the computing device, a secure section of a memory of a graphics processing unit of the computing device to the client agent by portioning a segment of the memory of the graphics processing unit for access by the non-trusted virtual machine via the client agent, the client agent having a different level of access than the non-trusted virtual machine; rendering, by the graphics manager, graphical data generated by the client agent to the secure section of the memory of the graphics processing unit; receiving, by the graphics manager, a request from the non-trusted virtual machine to read graphics rendered from the client agent graphical data and stored in the secure section of the memory of the graphics processing unit; preventing, by the graphics manager, the non-trusted virtual machine from reading the client agent rendered graphics stored in the secure section of the memory of the graphics processing unit; establishing, by the control virtual machine, a secure communications channel between the non-trusted virtual machine and the control virtual machine that is a private communications channel only accessible by the non-trusted virtual machine and the control virtual machine, the secure communications channel established by locking a shared memory region that is only accessible by the non-trusted virtual machine and the control virtual machine, wherein the non-trusted virtual machine and the control virtual machine have a different level of access to the computing device; receiving, by the client agent, via the secure communications channel, a message from the non-trusted virtual machine, the message comprising encrypted data including a network address of the remote computing device from the non-trusted virtual machine, wherein only the non-trusted virtual machine and the control virtual machine can decrypt the encrypted data; gathering, by the client agent, the at least one of security credentials and access credentials from the user in a secure trusted environment; and establishing, by the client agent, a connection with the remote computing device with the received network address.

2. The method of claim 1, further comprising receiving, by the client agent via a communications channel established between the non-trusted virtual machine and the control virtual machine, network address information to establish the connection to the remote computing device.

3. The method of claim 1, wherein the input data comprises login credentials for the remote computing device.

4. The method of claim 1, further comprising receiving, by the client agent from the non-trusted virtual machine, an identification that the window generated by the client agent is being given focus.

5. The method of claim 1, further comprising preventing, by the hypervisor, the non-trusted virtual machine from accessing the input data while the window of the client agent has focus.

6. The method of claim 1, further comprising directing, by the hypervisor, input data from the user to the non-trusted virtual machine, responsive to the window of the client agent no longer having focus.

7. The method of claim 1, comprising locking, by the control virtual machine, the secure section of the memory to exclude a third virtual machine from reading or writing to the memory region, wherein the secure section of the memory is only accessible by the control virtual machine and the non-trusted virtual machine.

8. The method of claim 1, comprising: identifying, by the control virtual machine, the levels of access based on one or more security policies.

9. The method of claim 8, comprising: querying, by the control virtual machine, the one or more security policies using at least one of a serial number of the computing device or a device type of the computing device.

10. In a computing device executing a hypervisor hosting a control virtual machine and a non-trusted virtual machine, a system for securing information using a hypervisor-trusted client, comprising: a remote computing device; and a local computing device comprising: a graphics processing unit comprising a memory, and a processor executing a graphics manager and a hypervisor hosting a non-trusted virtual machine and a control virtual machine; wherein the hypervisor is configured to: execute the control virtual machine; and direct input data from the user to the client agent, responsive to a window of the client agent having focus; wherein the non-trusted virtual machine is identified as non-trusted and not authorized to access the remote computing device based on an analysis of at least one of security credentials and access credentials of the non-trusted virtual machine; wherein the control virtual machine is configured to: launch a client agent, responsive to receiving a request by a user of the non-trusted virtual machine to establish a connection to the remote computing device, the client agent authorized to access the remote computing device; and establish a secure communications channel between the non-trusted virtual machine and the control virtual machine that is a private communications channel only accessible by the non-trusted virtual machine and the control virtual machine, the secure communications channel established by locking a shared memory region that is only accessible by the non-trusted virtual machine and the control virtual machine, wherein the non-trusted virtual machine and the control virtual machine have a different level of access to the computing device; wherein the graphics manager is configured to: assign a secure section of the memory of the graphics processing unit to the client agent by portioning a segment of the memory of the graphics processing unit for access by the non-trusted virtual machine via the client agent, the client agent given a different level of access than the non-trusted virtual machine, render graphical data generated by the client agent to the secure section of the memory of the graphics processing unit, receive a request from the non-trusted virtual machine to read graphics rendered from the client agent graphical data and stored in the secure section of the memory of the graphics processing unit, prevent the non-trusted virtual machine from reading the client agent rendered graphics stored in the secure section of the memory of the graphics processing unit, and return, in response to preventing the non-trusted virtual machine from reading the client agent, data stored in another section of the memory of the graphics processing unit accessible by the non-trusted virtual machine, wherein the client agent is configured to receive, via a secure communications channel, a message comprising encrypted data incl
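The graphics-manager behaviour recited in claims 1 and 10 (assign a secure section, render into it, refuse reads from the non-trusted virtual machine and answer with data from another section) can be modelled as a read mediator. This is an added example, not code from the patent; the byte-array "VRAM", the function and type names, and the zero padding of substituted reads are all assumptions.

```c
/* Constructed model; names, sizes and layout are assumptions, not from the patent. */
#include <stddef.h>
#include <stdint.h>
#include <string.h>

#define VRAM_SIZE 64u
enum requester { REQ_UNTRUSTED_VM, REQ_CLIENT_AGENT };
enum read_result { READ_INVALID = -1, READ_OK = 0, READ_SUBSTITUTED = 1 };

struct gfx_manager {
    uint8_t vram[VRAM_SIZE];
    size_t secure_off, secure_len; /* section assigned to the client agent */
    size_t public_off;             /* same-length section the non-trusted VM may read */
};

/* True when [off, off+len) lies inside VRAM; written to avoid size_t overflow. */
static int in_vram(size_t off, size_t len) {
    return len <= VRAM_SIZE && off <= VRAM_SIZE - len;
}

/* Portion a secure section for the client agent plus a disjoint public section. */
int gm_assign_secure(struct gfx_manager *gm, size_t off, size_t len, size_t public_off) {
    if (len == 0 || !in_vram(off, len) || !in_vram(public_off, len)) return -1;
    if (public_off < off + len && off < public_off + len) return -1; /* overlap */
    gm->secure_off = off; gm->secure_len = len; gm->public_off = public_off;
    return 0;
}

/* The client agent's graphical data is rendered into the secure section only. */
int gm_render(struct gfx_manager *gm, const uint8_t *px, size_t len) {
    if (len > gm->secure_len) return -1;
    memcpy(gm->vram + gm->secure_off, px, len);
    return 0;
}

/* Mediate a read: a non-trusted VM request touching the secure section is
   refused and answered with data from the public section instead. */
enum read_result gm_read(const struct gfx_manager *gm, enum requester who,
                         size_t off, size_t len, uint8_t *out) {
    if (len == 0 || !in_vram(off, len)) return READ_INVALID;
    int hits_secure = off < gm->secure_off + gm->secure_len && gm->secure_off < off + len;
    if (who == REQ_UNTRUSTED_VM && hits_secure) {
        size_t n = len < gm->secure_len ? len : gm->secure_len;
        memset(out, 0, len);
        memcpy(out, gm->vram + gm->public_off, n);
        return READ_SUBSTITUTED;
    }
    memcpy(out, gm->vram + off, len);
    return READ_OK;
}
```

The overlap test treats a read that only partially covers the secure section as a hit, so a request straddling the section boundary cannot return any of the client agent's pixels.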
Hypervisor-specific management and integration aspects · CPC title
output devices, e.g. displays or monitors · CPC title
input devices, e.g. keyboards, mice or controllers thereof · CPC title
in semiconductor storage media, e.g. directly-addressable memories · CPC title
by executing in a restricted environment, e.g. sandbox or secure virtual machine · CPC title