network Users Trusted only when Identity is securely established, and Risk is measured and deemed acceptable Endpoints Trusted only when Identity is securely established, Compliance is demonstrated, and Risk is measured and deemed acceptable Apps Access is Controlled based on User Trust, Device Trust, and App Sensitivity Data Protected by default based on Identity and Classification