Implementing Zero Trust Architecture in Azure

Sähkötekniikan korkeakoulu | Master's thesis
Date
2024-03-11
Major/Subject
Communications Engineering
Mcode
ELEC3029
Degree programme
CCIS - Master’s Programme in Computer, Communication and Information Sciences (TS2013)
Language
en
Pages
48
Abstract
Cloud computing has become increasingly popular because it can deliver computing resources over the internet on a pay-as-you-go basis. However, with the growth of cloud adoption, there is an increased need for strong cybersecurity measures to protect sensitive information and critical assets from cyber threats that are constantly evolving, owing to the distributed nature of resources and the increasing sophistication of cyber threats such as phishing and brute-force attacks, which put password use at risk. Fortunately, Zero-Trust eliminates the necessity for a password and is the most crucial security approach today. Zero-Trust is an innovative network security model that is quickly gaining popularity. The key concept is that every request must be evaluated and approved because no trustworthy sources are available; everything must be rigorously verified before access is provided. Although numerous studies have investigated the implementation of Zero Trust Architecture (ZTA), few have focused on cloud environments, specifically on Azure Virtual servers. The implementation of Zero-Trust security measures was studied and applied to the Azure environment, resulting in a strong and reliable security model. Furthermore, system administrators have been granted conditional access to establish a secure communication channel with the Azure environment from the Internet while multi-factor authentication has been utilized. A secure environment was established in Azure by implementing the settings and methodologies discussed for zero-trust. The setup used for the implementation was a simple one compared to the complex infrastructure an organization can have. This thesis showed that implementing zero-trust can be a lengthy and time-consuming process for one person; however, most of those configurations were one-time setups and can be automated when needed.
Although implementing the zero-trust model may vary depending on an organization's unique needs, the fundamental principles (verify explicitly, use least privileged access, and assume breach) always remain at the core of this security strategy.
Supervisor
Mähönen, Petri
Thesis advisor
Mähönen, Petri
Keywords
cloud, security, zero-trust, ZTA, azure