Implementing Zero Trust Architecture in Azure

Sähkötekniikan korkeakoulu (School of Electrical Engineering) | Master's thesis

Date

2024-03-11

Major/Subject

Communications Engineering

Mcode

ELEC3029

Degree programme

CCIS - Master’s Programme in Computer, Communication and Information Sciences (TS2013)

Language

en

Pages

48

Abstract

Cloud computing has become increasingly popular because it can deliver computing resources over the internet on a pay-as-you-go basis. However, with the growth of cloud adoption, there is an increased need for strong cybersecurity measures to protect sensitive information and critical assets from cyber threats that are constantly evolving. This need arises from the distributed nature of resources and the increasing sophistication of cyber threats, such as phishing and brute force attacks that put password use at risk. Fortunately, Zero-Trust eliminates the necessity for a password and is the most crucial security approach today. Zero-Trust is an innovative network security model that is quickly gaining popularity. The key concept is that every request must be evaluated and approved because no sources are considered trustworthy; everything must be rigorously verified before access is provided. Although numerous studies have investigated the implementation of Zero Trust Architecture (ZTA), few have focused on cloud environments, specifically on Azure Virtual servers. The implementation of Zero-Trust security measures was studied and applied to the Azure environment, resulting in a strong and reliable security model. Furthermore, system administrators have been granted conditional access to establish a secure communication channel with the Azure environment from the Internet, and multi-factor authentication has been utilized. A secure environment was established in Azure by implementing the settings and methodologies discussed for zero-trust. The setup used for the implementation was a simple one compared to the complex infrastructure an organization can have. This thesis showed that implementing zero-trust can be a lengthy and time-consuming process for one person; however, most of those configurations were one-time setups and can be automated when needed.
Although implementing the zero-trust model may vary depending on an organization's unique needs, the fundamental principles (verify explicitly, use least privileged access, and assume breach) always remain at the core of this security strategy.

Supervisor

Mähönen, Petri

Thesis advisor

Mähönen, Petri

Keywords

cloud, security, zero-trust, ZTA, azure
