Analysis of Azure Zero Trust Architecture Implementation for Mid-Size Organizations
The Zero Trust Architecture (ZTA) security system follows the “never trust, always verify” principle. The process constantly verifies users and devices trying to access resources. This paper describes how Microsoft Azure uses ZTA to enforce strict identity verification and access rules across the cl...
Saved in:
| Main Authors: | , , , |
|---|---|
| Format: | Article |
| Language: | English |
| Published: |
MDPI AG
2024-12-01
|
| Series: | Journal of Cybersecurity and Privacy |
| Subjects: | |
| Online Access: | https://www.mdpi.com/2624-800X/5/1/2 |
| Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
| _version_ | 1849342161575739392 |
|---|---|
| author | Vedran Dakić Zlatan Morić Ana Kapulica Damir Regvart |
| author_facet | Vedran Dakić Zlatan Morić Ana Kapulica Damir Regvart |
| author_sort | Vedran Dakić |
| collection | DOAJ |
| description | The Zero Trust Architecture (ZTA) security system follows the “never trust, always verify” principle. The process constantly verifies users and devices trying to access resources. This paper describes how Microsoft Azure uses ZTA to enforce strict identity verification and access rules across the cloud environment to improve security. Implementation takes time and effort. Azure’s extensive services and customizations require careful design and implementation. Azure administrators need help navigating and changing configurations due to its complex user interface (UI). Each Azure ecosystem component must meet ZTA criteria. ZTAs comprehensive policy definitions, multi-factor and passwordless authentication, and other advanced features are tested in a mid-size business scenario. The document delineates several principal findings concerning the execution of Azure’s ZTA within mid-sized enterprises. Azure ZTA significantly improves security by reducing attack surfaces via ongoing identity verification, stringent access controls, and micro-segmentation. Nonetheless, its execution is resource-demanding and intricate, necessitating considerable expertise and meticulous planning. A notable disparity exists between theoretical ZTA frameworks and their practical implementation, characterized by disjointed management interfaces and user fatigue resulting from incessant authentication requests. The case studies indicate that although Zero Trust Architecture enhances organizational security and mitigates risks, it may disrupt operations and adversely affect user experience, particularly in hybrid and fully cloud-based settings. The study underscores the necessity for customized configurations and the equilibrium between security and usability to ensure effective ZTA implementation. |
| format | Article |
| id | doaj-art-d17be56b3b734fa3acfaadfb635f7768 |
| institution | Kabale University |
| issn | 2624-800X |
| language | English |
| publishDate | 2024-12-01 |
| publisher | MDPI AG |
| record_format | Article |
| series | Journal of Cybersecurity and Privacy |
| spelling | doaj-art-d17be56b3b734fa3acfaadfb635f77682025-08-20T03:43:27ZengMDPI AGJournal of Cybersecurity and Privacy2624-800X2024-12-0151210.3390/jcp5010002Analysis of Azure Zero Trust Architecture Implementation for Mid-Size OrganizationsVedran Dakić0Zlatan Morić1Ana Kapulica2Damir Regvart3Department of Cybersecurity, Algebra University, 10000 Zagreb, CroatiaDepartment of Cybersecurity, Algebra University, 10000 Zagreb, CroatiaDepartment of Cybersecurity, Algebra University, 10000 Zagreb, CroatiaDepartment of Cybersecurity, Algebra University, 10000 Zagreb, CroatiaThe Zero Trust Architecture (ZTA) security system follows the “never trust, always verify” principle. The process constantly verifies users and devices trying to access resources. This paper describes how Microsoft Azure uses ZTA to enforce strict identity verification and access rules across the cloud environment to improve security. Implementation takes time and effort. Azure’s extensive services and customizations require careful design and implementation. Azure administrators need help navigating and changing configurations due to its complex user interface (UI). Each Azure ecosystem component must meet ZTA criteria. ZTAs comprehensive policy definitions, multi-factor and passwordless authentication, and other advanced features are tested in a mid-size business scenario. The document delineates several principal findings concerning the execution of Azure’s ZTA within mid-sized enterprises. Azure ZTA significantly improves security by reducing attack surfaces via ongoing identity verification, stringent access controls, and micro-segmentation. Nonetheless, its execution is resource-demanding and intricate, necessitating considerable expertise and meticulous planning. A notable disparity exists between theoretical ZTA frameworks and their practical implementation, characterized by disjointed management interfaces and user fatigue resulting from incessant authentication requests. The case studies indicate that although Zero Trust Architecture enhances organizational security and mitigates risks, it may disrupt operations and adversely affect user experience, particularly in hybrid and fully cloud-based settings. The study underscores the necessity for customized configurations and the equilibrium between security and usability to ensure effective ZTA implementation.https://www.mdpi.com/2624-800X/5/1/2securitycybersecurityZero Trust Architecture (ZTA)Azure ZTAmulti-factor authenticationmicro-segmentation |
| spellingShingle | Vedran Dakić Zlatan Morić Ana Kapulica Damir Regvart Analysis of Azure Zero Trust Architecture Implementation for Mid-Size Organizations Journal of Cybersecurity and Privacy security cybersecurity Zero Trust Architecture (ZTA) Azure ZTA multi-factor authentication micro-segmentation |
| title | Analysis of Azure Zero Trust Architecture Implementation for Mid-Size Organizations |
| title_full | Analysis of Azure Zero Trust Architecture Implementation for Mid-Size Organizations |
| title_fullStr | Analysis of Azure Zero Trust Architecture Implementation for Mid-Size Organizations |
| title_full_unstemmed | Analysis of Azure Zero Trust Architecture Implementation for Mid-Size Organizations |
| title_short | Analysis of Azure Zero Trust Architecture Implementation for Mid-Size Organizations |
| title_sort | analysis of azure zero trust architecture implementation for mid size organizations |
| topic | security cybersecurity Zero Trust Architecture (ZTA) Azure ZTA multi-factor authentication micro-segmentation |
| url | https://www.mdpi.com/2624-800X/5/1/2 |
| work_keys_str_mv | AT vedrandakic analysisofazurezerotrustarchitectureimplementationformidsizeorganizations AT zlatanmoric analysisofazurezerotrustarchitectureimplementationformidsizeorganizations AT anakapulica analysisofazurezerotrustarchitectureimplementationformidsizeorganizations AT damirregvart analysisofazurezerotrustarchitectureimplementationformidsizeorganizations |