{"id":65975,"date":"2021-12-07T13:00:00","date_gmt":"2021-12-07T18:00:00","guid":{"rendered":"http:\/\/74d2948405.nxcli.io\/resources\/20-on-the-horizon-zero-trust-avoids-the-traditional-security-versus-convenience-tradeoffs\/"},"modified":"2026-01-30T12:53:21","modified_gmt":"2026-01-30T17:53:21","slug":"20-on-the-horizon-zero-trust-avoids-the-traditional-security-versus-convenience-tradeoffs","status":"publish","type":"post","link":"https:\/\/xentegra.com\/fr\/resources\/20-on-the-horizon-zero-trust-avoids-the-traditional-security-versus-convenience-tradeoffs\/","title":{"rendered":"20: On the Horizon: Zero Trust avoids the traditional \u201csecurity versus convenience\u201d tradeoffs"},"content":{"rendered":"<p><iframe loading=\"lazy\" src=\"https:\/\/www.buzzsprout.com\/1282847\/episodes\/9678265-on-the-horizon-zero-trust-avoids-the-traditional-security-versus-convenience-tradeoffs?iframe=true\" scrolling=\"no\" width=\"100%\" height=\"200\" frameborder=\"0\" style=\"width: 100%;height: 200px\"><\/iframe><\/p>\n<p>Everyone reading this has probably heard that old rule of thumb that security and convenience are inversely proportional. In other words, increasing security comes with the cost of less convenience, while making things easier to use also means less security. This isn\u2019t just in the context of computing, by the way. An unlocked door is easier to use (more convenient) than one that is locked (more secure). A door that you can unlock with a key is easier to use (but less secure) than a door that requires both a key and a keypad code, etc.<\/p>\n<p>In the context of end-user computing, we all see this trade-off daily. Longer passwords are seen as more secure than shorter ones, but they\u2019re also harder to remember and type. Six-digit phone PINs are more secure but less convenient than four-digit ones. Multifactor authentication leveraging both a password and one-time code is more secure than just a password but annoying every time we have to switch over to the authenticator app to get that code. Requiring a PIN to unlock the authenticator app is more secure than not, but with the expense of additional steps and user annoyance.<\/p>\n<p>There\u2019s never really been any kind of standard for how this should all work and what should be used where. Different companies, policies, regulations, governance, organizational cultures, and sales rep effectiveness drive most of it, and things are different everywhere. What\u2019s been historically consistent is that more security has correlated to more hassle for the users.<\/p>\n<p>Finding the balance between security and convenience has always been about tradeoffs. I\u2019ve always thought of the \u201csecurity versus convenience\u201d model as a sliding scale, like the one below. You can draw a vertical line anywhere you want in the diagram below to get a certain level of security for a certain level of convenience, and increasing one decreases the other, and vice versa.<\/p>\n<p>Animateur : Andy Whiteside<br \/>Co-host: Erik Collett<\/p>\n<\/p>\n<div class=\"transcript\">\n<p><!--block-->WEBVTT<\/p>\n<p>1<br \/>00:00:02.730 &#8211;&gt; 00:00:09.450<br \/>Andy Whiteside: hi everyone and welcome to episode 20 of on the horizon i&#8217;m your host Andy whiteside i&#8217;ve got Eric Colette with me Eric any snow on the ground, yet.<\/p>\n<p>2<br \/>00:00:09.929 &#8211;&gt; 00:00:16.049<br \/>Erik Collett: No, there isn&#8217;t, although we have a lot of machines trying to make as much as possible for you.<\/p>\n<p>3<br \/>00:00:16.619 &#8211;&gt; 00:00:17.010<br \/>heard.<\/p>\n<p>4<br \/>00:00:18.270 &#8211;&gt; 00:00:21.540<br \/>Andy Whiteside: I heard the other day you guys really drive it&#8217;s cold right, but just.<\/p>\n<p>5<br \/>00:00:22.170 &#8211;&gt; 00:00:27.630<br \/>Erik Collett: it&#8217;s cold it&#8217;s dry we had some storms come through we saw snow stick and then it all melted.<\/p>\n<p>6<br \/>00:00:29.070 &#8211;&gt; 00:00:31.770<br \/>Erik Collett: it&#8217;s just one of those those types of years I guess.<\/p>\n<p>7<br \/>00:00:32.520 &#8211;&gt; 00:00:32.820<br \/>well.<\/p>\n<p>8<br \/>00:00:34.080 &#8211;&gt; 00:00:43.680<br \/>Erik Collett: yeah well we&#8217;ll get more later, but usually after or in the middle of December or at the end of December it hits us hard then it&#8217;s worthwhile so in.<\/p>\n<p>9<br \/>00:00:43.980 &#8211;&gt; 00:00:49.440<br \/>Andy Whiteside: A sense to you that don&#8217;t know Eric lives in utah and what would you call that central utah northern utah we&#8217;re.<\/p>\n<p>10<br \/>00:00:49.590 &#8211;&gt; 00:00:51.480<br \/>Erik Collett: Bad northern utah northern.<\/p>\n<p>11<br \/>00:00:52.110 &#8211;&gt; 00:00:55.950<br \/>Andy Whiteside: The high the high desert but enough cold where it makes them really fluffy snow.<\/p>\n<p>12<br \/>00:00:56.340 &#8211;&gt; 00:00:57.090<br \/>Andy Whiteside: And the most.<\/p>\n<p>13<br \/>00:00:58.380 &#8211;&gt; 00:01:00.210<br \/>Andy Whiteside: yeah what&#8217;s the closest town to you.<\/p>\n<p>14<br \/>00:01:00.780 &#8211;&gt; 00:01:04.350<br \/>Erik Collett: I am in ogden so i&#8217;m about 30 minutes north of salt lake.<\/p>\n<p>15<br \/>00:01:04.770 &#8211;&gt; 00:01:19.410<br \/>Erik Collett: Okay we&#8217;re in the only populated spot we&#8217;re stuck between mountains and a lake so it&#8217;s just this channel of people right now, and more and more show up in fact I even picked up this this this hat recently.<\/p>\n<p>16<br \/>00:01:23.340 &#8211;&gt; 00:01:27.390<br \/>Erik Collett: As because we&#8217;re super passive passive aggressive about people moving to utah.<\/p>\n<p>17<br \/>00:01:28.200 &#8211;&gt; 00:01:29.610<br \/>Andy Whiteside: So those of you listening.<\/p>\n<p>18<br \/>00:01:29.910 &#8211;&gt; 00:01:32.370<br \/>Andy Whiteside: Eric said says utah sucks don&#8217;t move here.<\/p>\n<p>19<br \/>00:01:33.420 &#8211;&gt; 00:01:37.230<br \/>Andy Whiteside: I do plan to live there part time someday Eric I don&#8217;t know.<\/p>\n<p>20<br \/>00:01:37.950 &#8211;&gt; 00:01:39.420<br \/>Erik Collett: Well we&#8217;ll make a space where you.<\/p>\n<p>21<br \/>00:01:40.560 &#8211;&gt; 00:01:44.280<br \/>Erik Collett: will make your life may get in the way i&#8217;m ever may not ever make it.<\/p>\n<p>22<br \/>00:01:44.340 &#8211;&gt; 00:01:52.890<br \/>Andy Whiteside: But definitely have some interest in at least spending some time out there is a beautiful place and good economy good good business we&#8217;ll see if it works oh.<\/p>\n<p>23<br \/>00:01:53.310 &#8211;&gt; 00:01:55.980<br \/>Erik Collett: yeah yeah happy to have you happy to have you.<\/p>\n<p>24<br \/>00:01:57.720 &#8211;&gt; 00:01:59.040<br \/>Andy Whiteside: He rolls his eyes, as he says.<\/p>\n<p>25<br \/>00:02:00.060 &#8211;&gt; 00:02:00.930<br \/>Erik Collett: nope no.<\/p>\n<p>26<br \/>00:02:02.640 &#8211;&gt; 00:02:10.200<br \/>Andy Whiteside: Alright, so Eric was gracious enough to pick an article for us this week, let me share my screen for those who will be watching at a later date.<\/p>\n<p>27<br \/>00:02:11.670 &#8211;&gt; 00:02:15.540<br \/>Andy Whiteside: And it&#8217;s the title of it and it&#8217;s written by Brian madden I lost it.<\/p>\n<p>28<br \/>00:02:17.190 &#8211;&gt; 00:02:20.730<br \/>Andy Whiteside: is called a zero trust avoids traditional security.<\/p>\n<p>29<br \/>00:02:21.870 &#8211;&gt; 00:02:32.940<br \/>Andy Whiteside: versus convenience trade offs and you know I did a DEMO this morning or yeah I did a DEMO this morning it was all about vdi we were showing vdi and this infrastructure that have come up with the put it on and.<\/p>\n<p>30<br \/>00:02:33.450 &#8211;&gt; 00:02:41.220<br \/>Andy Whiteside: At some point, I made a reference to some of my people my team they don&#8217;t even go to the vdi anymore, they go straight to.<\/p>\n<p>31<br \/>00:02:41.820 &#8211;&gt; 00:02:47.760<br \/>Andy Whiteside: The workspace with single sign on into all their applications and they just skip the vdi all together.<\/p>\n<p>32<br \/>00:02:48.330 &#8211;&gt; 00:02:53.940<br \/>Andy Whiteside: You know that&#8217;s part of your story right, you can you can have this very untrusted world come into a very trusted world.<\/p>\n<p>33<br \/>00:02:54.570 &#8211;&gt; 00:03:06.870<br \/>Andy Whiteside: And it becomes easy and they don&#8217;t have to you know, like this article talks about the trade offs of having to be secure and convenient it&#8217;s just kind of blends together now right.<\/p>\n<p>34<br \/>00:03:07.260 &#8211;&gt; 00:03:19.980<br \/>Erik Collett: yeah Oh, a lot of the things where we always had multiple ways to try and and figure out somebody&#8217;s identity and every time we set up one space for verifying identity.<\/p>\n<p>35<br \/>00:03:20.670 &#8211;&gt; 00:03:38.730<br \/>Erik Collett: It almost seemed like we had that pulled out from underneath us the passwords in particular passwords has always been our way of verifying identity, but we have to have a way of conveniently allowing somebody to refresh that password so there&#8217;s.<\/p>\n<p>36<br \/>00:03:40.110 &#8211;&gt; 00:03:45.510<br \/>Erik Collett: it&#8217;s it&#8217;s not a simple process security is tough it&#8217;s always been really hard now.<\/p>\n<p>37<br \/>00:03:46.560 &#8211;&gt; 00:03:46.950<br \/>Erik Collett: yeah.<\/p>\n<p>38<br \/>00:03:47.970 &#8211;&gt; 00:03:54.720<br \/>Andy Whiteside: Well, now we have single identity, we have, maybe a very simple password that comes with a multifactor challenge.<\/p>\n<p>39<br \/>00:03:55.200 &#8211;&gt; 00:04:06.330<br \/>Andy Whiteside: So you don&#8217;t get to be who you are everywhere and all you have to do is look down at your phone and hit OK, and now you&#8217;ve proven, you know a little bit of a password and you know you have a device, you have something that&#8217;s.<\/p>\n<p>40<br \/>00:04:06.780 &#8211;&gt; 00:04:07.590<br \/>Andy Whiteside: Still times.<\/p>\n<p>41<br \/>00:04:07.920 &#8211;&gt; 00:04:21.780<br \/>Erik Collett: yeah trusted device, and I mean a lot this article is beautiful because it elaborates on on these multiple different ways of authenticating, of course, you have the Multi factor authentication where it&#8217;s like well if they have access to their email.<\/p>\n<p>42<br \/>00:04:22.500 &#8211;&gt; 00:04:36.240<br \/>Erik Collett: Their trusted by their email provider if they have access to their phone their trusted by their phone which they&#8217;ve had to do certain things to make sure that that phone is trusted so we have unique devices and unique.<\/p>\n<p>43<br \/>00:04:37.590 &#8211;&gt; 00:04:51.780<br \/>Erik Collett: yeah unique devices web browsers that we can leverage to verify a person&#8217;s identity, but we even have devices that have specialized abilities like biometrics a physical asset to yourself.<\/p>\n<p>44<br \/>00:04:52.680 &#8211;&gt; 00:05:05.280<br \/>Erik Collett: or face ID which allows you to to take a picture of your face and and verify your identity via that and so all these different methods that we can now use to leverage to verify identity.<\/p>\n<p>45<br \/>00:05:05.820 &#8211;&gt; 00:05:15.420<br \/>Andy Whiteside: What are you an example of that a couple hours ago i&#8217;m pulled over at a convenience store trying to buy something for lunch and yeah that&#8217;s pretty sad but that&#8217;s what it was.<\/p>\n<p>46<br \/>00:05:16.560 &#8211;&gt; 00:05:22.290<br \/>Andy Whiteside: And I go to get some tickets for ticketmaster for a hockey game that we&#8217;re hosting tomorrow night down in Florida.<\/p>\n<p>47<br \/>00:05:22.740 &#8211;&gt; 00:05:29.460<br \/>Andy Whiteside: And it pops up to ticketmaster and it&#8217;s like oh my username password oh I can&#8217;t type this in and then it starts looking for my face.<\/p>\n<p>48<br \/>00:05:29.760 &#8211;&gt; 00:05:36.690<br \/>Andy Whiteside: And with a matter of seconds, it was secure because I knew who I was, but it was also convenient for me I didn&#8217;t have to type A single letter.<\/p>\n<p>49<br \/>00:05:37.230 &#8211;&gt; 00:05:50.100<br \/>Andy Whiteside: I know that&#8217;s become more and more normal and like consumer world but it&#8217;s becoming mainstream and in our in our work world to and it gets better but secure all at the same time yeah.<\/p>\n<p>50<br \/>00:05:50.520 &#8211;&gt; 00:06:00.720<br \/>Erik Collett: And it&#8217;s that&#8217;s the weird part that ability to maintain convenience is still maximized if you scroll down a little bit he&#8217;s got another chart that shows.<\/p>\n<p>51<br \/>00:06:01.020 &#8211;&gt; 00:06:10.350<br \/>Erik Collett: Basically we&#8217;re looking at us a rectangle and you&#8217;re drawing that diagonal line corner to corner through there and security has always been a.<\/p>\n<p>52<br \/>00:06:10.980 &#8211;&gt; 00:06:16.890<br \/>Erik Collett: Maximum at one side, where you have all of these different protection methods, but then convenience.<\/p>\n<p>53<br \/>00:06:17.520 &#8211;&gt; 00:06:23.070<br \/>Erik Collett: means you were insecure you you&#8217;ve never had felt like you always have that buttoned up.<\/p>\n<p>54<br \/>00:06:23.550 &#8211;&gt; 00:06:36.930<br \/>Erik Collett: But just a little bit down down a little bit further on this article you just see convenience just layering on top of it as maximum ability, all the way through, and you can actually have maximum security in maximum convenience.<\/p>\n<p>55<br \/>00:06:36.930 &#8211;&gt; 00:06:37.980<br \/>Erik Collett: Because of those.<\/p>\n<p>56<br \/>00:06:38.040 &#8211;&gt; 00:06:47.010<br \/>Andy Whiteside: Hello How is that possible, how do we have just a secure and just as convenient just stack on top of each other what what&#8217;s what&#8217;s driving that.<\/p>\n<p>57<br \/>00:06:47.760 &#8211;&gt; 00:06:51.930<br \/>Erik Collett: So I would say that there&#8217;s a little dip and convenience upfront just the dip.<\/p>\n<p>58<br \/>00:06:52.770 &#8211;&gt; 00:07:06.840<br \/>Erik Collett: That I because there are things that you have to establish first as soon as you as you&#8217;ve established your identity as a person as an entity and you have verified your physical assets you&#8217;ve verified your virtual assets.<\/p>\n<p>59<br \/>00:07:07.440 &#8211;&gt; 00:07:19.770<br \/>Erik Collett: And all of these different methods that kind of connect together, I think that is the beginning of an example that he doesn&#8217;t use here, but what i&#8217;ve always considered that, as the chain of custody.<\/p>\n<p>60<br \/>00:07:20.190 &#8211;&gt; 00:07:22.050<br \/>Erik Collett: You have a trusted provider that.<\/p>\n<p>61<br \/>00:07:22.230 &#8211;&gt; 00:07:35.820<br \/>Erik Collett: verifies who you are that starts the chain of custody that&#8217;s the first link in the chain is your identity to your your physical person and then as soon as you get to that point, you can then verify multiple.<\/p>\n<p>62<br \/>00:07:37.350 &#8211;&gt; 00:07:52.560<br \/>Erik Collett: I guess you could say multiple links in that chain to verify who you are all the way to your access to the product or access to the the application or access to the information that you&#8217;re looking for.<\/p>\n<p>63<br \/>00:07:53.610 &#8211;&gt; 00:08:06.090<br \/>Erik Collett: But it&#8217;s as soon as all those changes have been established, your location this two factor authentication your gmail your device your physical identity biometrics and face ID and so forth.<\/p>\n<p>64<br \/>00:08:06.360 &#8211;&gt; 00:08:13.410<br \/>Erik Collett: Soon, as though as those have been established, you can use any one of those in a rotating fashion to get complete access.<\/p>\n<p>65<br \/>00:08:14.400 &#8211;&gt; 00:08:22.170<br \/>Andy Whiteside: What I agree with you on that i&#8217;m sitting here, looking at a I don&#8217;t know a year and a half old phone it used to be, that I would get a new mobile phone every year.<\/p>\n<p>66<br \/>00:08:23.010 &#8211;&gt; 00:08:31.860<br \/>Andy Whiteside: And somebody looked at me today, so why don&#8217;t you just get a new phone i&#8217;m like I don&#8217;t want to have to go through all the inconvenience of getting it set up for my authenticators again and.<\/p>\n<p>67<br \/>00:08:32.100 &#8211;&gt; 00:08:41.160<br \/>Andy Whiteside: yeah i&#8217;ve got probably three or four on my phone, so I agree it&#8217;s not necessarily a perfect trans transition to having both but, once you get over the hump.<\/p>\n<p>68<br \/>00:08:41.760 &#8211;&gt; 00:08:49.950<br \/>Erik Collett: yeah I mean so that little dip I would just chop off the first little point of convenience, on this particular.<\/p>\n<p>69<br \/>00:08:50.220 &#8211;&gt; 00:09:00.600<br \/>Erik Collett: piece where it&#8217;s not exactly the most convenient at the very, very beginning, but as soon as you establish that as soon as you put that in place and configure it like you&#8217;re saying so many authenticators.<\/p>\n<p>70<br \/>00:09:01.620 &#8211;&gt; 00:09:05.400<br \/>Erik Collett: Then it becomes super convenient and everything&#8217;s at your fingertips.<\/p>\n<p>71<br \/>00:09:06.480 &#8211;&gt; 00:09:14.460<br \/>Andy Whiteside: And, and you know you go through that little blip just with the idea that you&#8217;re trying to have the convenience, but you still have to have some level of security.<\/p>\n<p>72<br \/>00:09:15.390 &#8211;&gt; 00:09:22.890<br \/>Andy Whiteside: Not some level, but a great level of security, these days, and it&#8217;s worth the you know the the week long your new phone you got a week of.<\/p>\n<p>73<br \/>00:09:22.920 &#8211;&gt; 00:09:26.880<br \/>Andy Whiteside: Oh, I didn&#8217;t put this on a little download and then by download I mean hit the button that says.<\/p>\n<p>74<br \/>00:09:27.060 &#8211;&gt; 00:09:31.500<br \/>Andy Whiteside: download and if you&#8217;re on a decent network within a second or.<\/p>\n<p>75<br \/>00:09:31.710 &#8211;&gt; 00:09:38.250<br \/>Andy Whiteside: 10 maybe 2030 you got the APP back you got authenticate old school one time now you&#8217;re back in business.<\/p>\n<p>76<br \/>00:09:38.730 &#8211;&gt; 00:09:47.490<br \/>Erik Collett: yeah it following this line this this this mode of thought for anybody who&#8217;s out there who wants to test this out because.<\/p>\n<p>77<br \/>00:09:48.000 &#8211;&gt; 00:09:59.250<br \/>Erik Collett: it&#8217;s so convenient right now it&#8217;s transparent to us whenever whenever we log into certain applications, it seems transparent to us first off get a new phone and then log out of all of your accounts.<\/p>\n<p>78<br \/>00:10:00.630 &#8211;&gt; 00:10:10.860<br \/>Erik Collett: log out of your email account log out of your web, you know, whatever if it&#8217;s sinking or whatever else log out of those and see how it feels to get back in.<\/p>\n<p>79<br \/>00:10:11.550 &#8211;&gt; 00:10:18.600<br \/>Erik Collett: And, and all of the different passwords and all the different verifications that you have to go through in order to get back into your stuff all of that.<\/p>\n<p>80<br \/>00:10:19.110 &#8211;&gt; 00:10:29.520<br \/>Erik Collett: Has has meshed together very well we&#8217;re adopting that technology within our workspace one platform, but it&#8217;s it&#8217;s something that&#8217;s now commonly out there with a lot of single sign on solutions.<\/p>\n<p>81<br \/>00:10:29.880 &#8211;&gt; 00:10:41.610<br \/>Erik Collett: So just know that we&#8217;re we&#8217;re part of the same mesh of trusted identities, but yeah it&#8217;s it&#8217;s challenging to get back to level yeah.<\/p>\n<p>82<br \/>00:10:42.990 &#8211;&gt; 00:10:48.690<br \/>Andy Whiteside: I like that you brought up identity, because it didn&#8217;t he&#8217;s not a security, peace, but that is part of the convenient speech right being.<\/p>\n<p>83<br \/>00:10:49.050 &#8211;&gt; 00:10:58.020<br \/>Andy Whiteside: One person that you identify as and then secure against are you, you have security policies and procedures associated with that one identity.<\/p>\n<p>84<br \/>00:10:58.470 &#8211;&gt; 00:11:07.500<br \/>Andy Whiteside: that&#8217;s a big part of the convenience factor of this, I still have systems where I have multiple user ids all over the place, many, many systems, but personally and work.<\/p>\n<p>85<br \/>00:11:08.010 &#8211;&gt; 00:11:16.440<br \/>Andy Whiteside: But every day gets better and better where I can start to use, at least for work single identity providers I would do the same thing on my personal life I just.<\/p>\n<p>86<br \/>00:11:16.890 &#8211;&gt; 00:11:25.890<br \/>Andy Whiteside: don&#8217;t have an identity provider, I really want to be the source of truth, for me, therefore, I don&#8217;t use the various social media places or other things for.<\/p>\n<p>87<br \/>00:11:26.700 &#8211;&gt; 00:11:31.920<br \/>Erik Collett: personal identity providers is social media as as an identity provider makes me feel awkward.<\/p>\n<p>88<br \/>00:11:32.130 &#8211;&gt; 00:11:41.700<br \/>Erik Collett: guest stream Lee awkward so yeah I agree with that i&#8217;ve played the game, and then I you know, probably locked myself enroll dial that back because it just doesn&#8217;t feel right now.<\/p>\n<p>89<br \/>00:11:42.420 &#8211;&gt; 00:11:51.900<br \/>Andy Whiteside: that&#8217;s a question for you multifactor so i&#8217;ve got my password that&#8217;s one factor right something you know is is having my phone and responding to a prompt on my phone is that.<\/p>\n<p>90<br \/>00:11:52.290 &#8211;&gt; 00:11:53.880<br \/>Andy Whiteside: Two more factors, or one factor.<\/p>\n<p>91<br \/>00:11:54.630 &#8211;&gt; 00:11:58.620<br \/>Erik Collett: So it and he he elaborates a little bit on these these particular.<\/p>\n<p>92<br \/>00:11:59.310 &#8211;&gt; 00:12:16.260<br \/>Erik Collett: In this section as well this the idea of having a physical trait or a specific skill or your location, I mean GEO location is such a big big deal you tell you tell them where you&#8217;re at, and then you prove where you&#8217;re at with GPS.<\/p>\n<p>93<br \/>00:12:17.970 &#8211;&gt; 00:12:30.690<br \/>Erik Collett: But also things that you know so knowledge of something skills on something physical identity and geolocation and then you can have multiple iterations of Oh, and your password the password that you said.<\/p>\n<p>94<br \/>00:12:31.530 &#8211;&gt; 00:12:40.290<br \/>Erik Collett: that&#8217;s there&#8217;s your your five, but they can also split even further and i&#8217;m sure that we will see more in the future more ways to identify yourself.<\/p>\n<p>95<br \/>00:12:40.680 &#8211;&gt; 00:12:40.830<br \/>As.<\/p>\n<p>96<br \/>00:12:42.450 &#8211;&gt; 00:12:55.470<br \/>Andy Whiteside: Well, so talk to us about what vmware is doing with workspace one and how these things starting to play into the mix of SAS Apps hosted x86 Apps desktop virtualization and more.<\/p>\n<p>97<br \/>00:12:55.770 &#8211;&gt; 00:13:00.900<br \/>Erik Collett: Well, the beauty of the onboarding that goes with workspace one is that.<\/p>\n<p>98<br \/>00:13:01.920 &#8211;&gt; 00:13:10.260<br \/>Erik Collett: you&#8217;re a known quantity to begin with, you have somebody who very verifies you validates you and then that starts that first link in the chain.<\/p>\n<p>99<br \/>00:13:11.130 &#8211;&gt; 00:13:25.740<br \/>Erik Collett: You now have an identity within this organization and then you can you continue to set up different devices on workspace one as your different authentication methods and it creates those multiple chain links in the chain.<\/p>\n<p>100<br \/>00:13:26.250 &#8211;&gt; 00:13:29.100<br \/>Erik Collett: And as soon as all of the that chain gets established.<\/p>\n<p>101<br \/>00:13:29.430 &#8211;&gt; 00:13:41.910<br \/>Erik Collett: You have total access to all of your workspace one application SAS Apps for one your vdi will immediately recognize who you are because you have an identity that&#8217;s verified within your active directory.<\/p>\n<p>102<br \/>00:13:42.390 &#8211;&gt; 00:13:52.650<br \/>Erik Collett: there&#8217;s all these different methods that let you get in quickly and will use multiple identification methods, whether that&#8217;s going to be a multi factor authentication.<\/p>\n<p>103<br \/>00:13:53.820 &#8211;&gt; 00:14:00.360<br \/>Erik Collett: like an authentication tool like RSA or G author, one of these many that are out there.<\/p>\n<p>104<br \/>00:14:01.590 &#8211;&gt; 00:14:14.910<br \/>Erik Collett: But also just physical identity starts coming into play where you&#8217;ve got your biometrics aligned with it, so you can use all of them and geolocation a huge geolocation is huge for mobile.<\/p>\n<p>105<br \/>00:14:15.690 &#8211;&gt; 00:14:22.380<br \/>Andy Whiteside: Well, so now we&#8217;re talking a lot about identity and the multifactor way of proving you are who you are, at the same time we&#8217;ve got old.<\/p>\n<p>106<br \/>00:14:23.070 &#8211;&gt; 00:14:31.260<br \/>Andy Whiteside: i&#8217;ll call it clergy systems that people are still using whether authenticating into a vpn and then from there they&#8217;re going to a specific URL URL or.<\/p>\n<p>107<br \/>00:14:31.620 &#8211;&gt; 00:14:44.430<br \/>Andy Whiteside: or even worse than IP address and trying to then launch something else that requires them to identify again, you know it&#8217;s a it&#8217;s been painful for me the last year to see people continue to do it that way, no one that&#8217;s how I did it in 1998.<\/p>\n<p>108<br \/>00:14:44.760 &#8211;&gt; 00:14:57.240<br \/>Andy Whiteside: Palin and that&#8217;s inconvenient, as well as more insecure all at the same time and that&#8217;s one of the things that solutions like workspace one that brings things into a into a portal.<\/p>\n<p>109<br \/>00:14:57.810 &#8211;&gt; 00:15:08.640<br \/>Andy Whiteside: Of all different types really helps to solve the the simplicity, as well as the convenience i&#8217;m using those two words intentionally different, as well as the security.<\/p>\n<p>110<br \/>00:15:10.410 &#8211;&gt; 00:15:23.880<br \/>Erik Collett: it&#8217;s it&#8217;s interesting that you bring it up that way because people don&#8217;t know what they don&#8217;t know and they don&#8217;t they don&#8217;t see what our modern approach is and it&#8217;s not just our modern approach, where one I mean we&#8217;re.<\/p>\n<p>111<br \/>00:15:24.390 &#8211;&gt; 00:15:42.030<br \/>Erik Collett: we&#8217;re adopting this we&#8217;re implementing it heavily we&#8217;re making it really easy, but there are others who do the same and we just it&#8217;s it&#8217;s a universal effort, and as long as you, you step into it just step into this this world.<\/p>\n<p>112<br \/>00:15:43.650 &#8211;&gt; 00:15:50.340<br \/>Erik Collett: With workspace one We only need one password We only need one set of authentication as soon as we have your identity.<\/p>\n<p>113<br \/>00:15:50.700 &#8211;&gt; 00:15:59.160<br \/>Erik Collett: We can now connect you with all different SAS Apps all different applications and we can deliver those applications to you, we can track those applications.<\/p>\n<p>114<br \/>00:15:59.580 &#8211;&gt; 00:16:05.340<br \/>Erik Collett: We know what you&#8217;re aligned with what you&#8217;re not aligned with and in all of those aspects we.<\/p>\n<p>115<br \/>00:16:05.970 &#8211;&gt; 00:16:19.170<br \/>Erik Collett: We basically deliver convenience, so that you can do your job without having to go through a whole lot of effort, I mean, I have one password I really do for for my job, I have one password and just asking that question.<\/p>\n<p>116<br \/>00:16:21.510 &#8211;&gt; 00:16:22.560<br \/>Erik Collett: Do you have one password.<\/p>\n<p>117<br \/>00:16:24.030 &#8211;&gt; 00:16:33.540<br \/>Andy Whiteside: And I, for the most part, do, but not for everything, but for the most part, but question what are examples of different identity providers that you can use in a workspace one.<\/p>\n<p>118<br \/>00:16:34.620 &#8211;&gt; 00:16:35.370<br \/>Andy Whiteside: configuration.<\/p>\n<p>119<br \/>00:16:36.120 &#8211;&gt; 00:16:57.570<br \/>Erik Collett: We are primarily aligned with true ssl but we using okta is another type of solution that would layer on top with ours, I, there are a plethora that we can work with third party identity managers, we have our own, of course, that we can you can leverage that comes with our package.<\/p>\n<p>120<br \/>00:16:58.950 &#8211;&gt; 00:17:08.520<br \/>Erik Collett: Again, true ssl was is that but at any point in time, if you wanted to leverage a different identity provider that will mesh very cleanly and with us.<\/p>\n<p>121<br \/>00:17:08.760 &#8211;&gt; 00:17:09.120<br \/>C'est vrai.<\/p>\n<p>122<br \/>00:17:10.350 &#8211;&gt; 00:17:12.180<br \/>Andy Whiteside: Okay yeah um.<\/p>\n<p>123<br \/>00:17:13.500 &#8211;&gt; 00:17:17.850<br \/>Andy Whiteside: But we still see tons of people that that aren&#8217;t leveraging those right, I mean what would you say percentage of.<\/p>\n<p>124<br \/>00:17:17.850 &#8211;&gt; 00:17:19.050<br \/>Andy Whiteside: people that are still.<\/p>\n<p>125<br \/>00:17:19.560 &#8211;&gt; 00:17:21.000<br \/>Andy Whiteside: I mean, are they just.<\/p>\n<p>126<br \/>00:17:21.060 &#8211;&gt; 00:17:23.130<br \/>Andy Whiteside: authenticating against active directory What are they doing.<\/p>\n<p>127<br \/>00:17:23.460 &#8211;&gt; 00:17:32.190<br \/>Erik Collett: And it is primarily authenticating against the active directory and then everybody has their own personal accounts that are attached to different solution providers.<\/p>\n<p>128<br \/>00:17:32.580 &#8211;&gt; 00:17:50.730<br \/>Erik Collett: office 365 does have a an ssl layer of sorts, as long as you have an appropriate identity, but you still have to log into that with password So if you don&#8217;t have a single sign on layer you&#8217;re not going to get the full benefits of it just.<\/p>\n<p>129<br \/>00:17:51.750 &#8211;&gt; 00:18:03.030<br \/>Erik Collett: Anybody who&#8217;s who&#8217;s still kind of in the dark ages and has a million different passwords and and is is just ham fisted their way through each security measure and over.<\/p>\n<p>130<br \/>00:18:04.260 &#8211;&gt; 00:18:12.990<br \/>Erik Collett: Basically, oh they&#8217;re over authenticating if that&#8217;s even a thing, but over authenticating themselves to to get access to small or.<\/p>\n<p>131<br \/>00:18:13.710 &#8211;&gt; 00:18:23.910<br \/>Erik Collett: You know very confidential information for one is is you know needs to be secured, but we can secure it with a lot lower effort than what most organizations are actually doing now.<\/p>\n<p>132<br \/>00:18:24.540 &#8211;&gt; 00:18:25.680<br \/>Erik Collett: I don&#8217;t know the percentage.<\/p>\n<p>133<br \/>00:18:25.920 &#8211;&gt; 00:18:27.480<br \/>Erik Collett: I wish I could say.<\/p>\n<p>134<br \/>00:18:29.400 &#8211;&gt; 00:18:30.510<br \/>Erik Collett: More than there should be.<\/p>\n<p>135<br \/>00:18:32.250 &#8211;&gt; 00:18:33.570<br \/>Andy Whiteside: Okay, so Eric.<\/p>\n<p>136<br \/>00:18:35.490 &#8211;&gt; 00:18:39.180<br \/>Andy Whiteside: Where does this go from here what&#8217;s what&#8217;s the future of.<\/p>\n<p>137<br \/>00:18:40.200 &#8211;&gt; 00:18:50.190<br \/>Andy Whiteside: A did at the point where we could just look at the screen and all of a sudden, you know where are we there with face it, I mean how many PCs I guess there&#8217;s the well Hello camera right, I mean there&#8217;s.<\/p>\n<p>138<br \/>00:18:50.880 &#8211;&gt; 00:18:51.750<br \/>Andy Whiteside: More and more common.<\/p>\n<p>139<br \/>00:18:52.410 &#8211;&gt; 00:18:58.470<br \/>Erik Collett: I, the one thing about face it, is that they have a lot of other protective measures behind it now.<\/p>\n<p>140<br \/>00:18:59.220 &#8211;&gt; 00:19:06.210<br \/>Erik Collett: I will say, with every authentication method, you have to find a way or find the ways that it will be exploited.<\/p>\n<p>141<br \/>00:19:06.810 &#8211;&gt; 00:19:13.830<br \/>Erik Collett: So understanding how something gets exploited verifies the security of a particular authentication method.<\/p>\n<p>142<br \/>00:19:14.310 &#8211;&gt; 00:19:21.540<br \/>Erik Collett: As long as we can always bring up authentication methods that cannot be exploited, like in the case of face ID there&#8217;s a lot of.<\/p>\n<p>143<br \/>00:19:21.990 &#8211;&gt; 00:19:36.630<br \/>Erik Collett: Other layers that go into verify it&#8217;s a 3D person you&#8217;re looking at they have flesh and blood, maybe they do some ir to see what he signature there is that kind of thing, so you can&#8217;t just hold up a piece of paper and and get that.<\/p>\n<p>144<br \/>00:19:38.040 &#8211;&gt; 00:20:00.300<br \/>Erik Collett: On to unlock but as long as those different protective protective measures are in there, then you can trust the trust the the technology to initiate the process it&#8217;ll it&#8217;ll evolve it I guarantee I mean DNA tests to verify who you are that sounds really scary but possible in the future.<\/p>\n<p>145<br \/>00:20:01.560 &#8211;&gt; 00:20:05.160<br \/>Andy Whiteside: You know to what level of security, do you need that level.<\/p>\n<p>146<br \/>00:20:05.370 &#8211;&gt; 00:20:06.090<br \/>Andy Whiteside: For certain.<\/p>\n<p>147<br \/>00:20:06.150 &#8211;&gt; 00:20:17.130<br \/>Andy Whiteside: For what types of applications so probably not for getting in and reading your email, however, you know for maybe access in your financial information, maybe someday little more secure than we have today.<\/p>\n<p>148<br \/>00:20:17.400 &#8211;&gt; 00:20:29.550<br \/>Erik Collett: yeah but but that&#8217;s the whole point of zero trust is it doesn&#8217;t matter how secure or or or how what&#8217;s the varying levels of security on a particular thing that you&#8217;re accessing.<\/p>\n<p>149<br \/>00:20:30.000 &#8211;&gt; 00:20:42.330<br \/>Erik Collett: We throw all of the security at it we&#8217;re throwing everything at it up front, no DNA testing might be a little invasive for that kind of thing, but if you can verify it maximally what.<\/p>\n<p>150<br \/>00:20:42.840 &#8211;&gt; 00:20:56.670<br \/>Erik Collett: If that&#8217;s your gateway all the time to maximum authentication maximize it you, you should use it if it&#8217;s convenient and if its maximum it, you should use it, at least in principle.<\/p>\n<p>151<br \/>00:20:57.270 &#8211;&gt; 00:21:04.110<br \/>Andy Whiteside: Yes, it&#8217;s interesting I was on I was with a customer this morning that they have a horizon desktop virtualization environment but.<\/p>\n<p>152<br \/>00:21:04.590 &#8211;&gt; 00:21:20.100<br \/>Andy Whiteside: They don&#8217;t allow access from the outside, so they&#8217;re getting the benefits of cost effective internal computing the life of their devices is much longer than it would have been However, you know they&#8217;re not getting the benefits of remote working i&#8217;m not sure how they&#8217;re handling that.<\/p>\n<p>153<br \/>00:21:21.420 &#8211;&gt; 00:21:31.080<br \/>Andy Whiteside: But it was interesting to see someone who hadn&#8217;t taken it quite that far yet i&#8217;m not sure if that was for security reasons, or they just you know haven&#8217;t invested in providing it as a remote access solution.<\/p>\n<p>154<br \/>00:21:31.980 &#8211;&gt; 00:21:41.580<br \/>Erik Collett: It i&#8217;ve seen i&#8217;ve seen a few implementations like that I called it, the secure donut because there was the you have a jump box inside of the donut.<\/p>\n<p>155<br \/>00:21:41.820 &#8211;&gt; 00:21:51.990<br \/>Erik Collett: And then you have in its air gapped basically not exactly but it&#8217;s air gapped enough that you could reach it from an internal something within the secret Donna.<\/p>\n<p>156<br \/>00:21:53.430 &#8211;&gt; 00:22:03.120<br \/>Erik Collett: But again, what what is that protecting and you know it&#8217;s making a hacker proof, but you&#8217;re still connected to the network right so.<\/p>\n<p>157<br \/>00:22:04.140 &#8211;&gt; 00:22:05.400<br \/>Erik Collett: There there&#8217;s a challenge there.<\/p>\n<p>158<br \/>00:22:06.210 &#8211;&gt; 00:22:10.020<br \/>Andy Whiteside: Well Eric I know this is a topic you&#8217;re passionate anything that we haven&#8217;t covered here that you&#8217;d want to.<\/p>\n<p>159<br \/>00:22:11.130 &#8211;&gt; 00:22:11.670<br \/>Andy Whiteside: bring up.<\/p>\n<p>160<br \/>00:22:12.420 &#8211;&gt; 00:22:27.180<br \/>Erik Collett: Well, I I I just I want to watch this space as as what it&#8217;s going to look like going forward because again identity is changing the way we approach verifying identity is changing.<\/p>\n<p>161<br \/>00:22:27.750 &#8211;&gt; 00:22:41.100<br \/>Erik Collett: I think that what the lessons that we learned here are going to find their way into the greater population, and when I say greater population this this idea of what&#8217;s what is the world going to look like.<\/p>\n<p>162<br \/>00:22:42.870 &#8211;&gt; 00:22:47.160<br \/>Erik Collett: If we&#8217;re not just looking at physical ids like.<\/p>\n<p>163<br \/>00:22:49.980 &#8211;&gt; 00:23:03.720<br \/>Erik Collett: What am I trying to say licenses on driver&#8217;s licenses or social security cards or all these different ways that we were verifying identity right i&#8217;m interested to see how this methodology is going to push its way back into the general population.<\/p>\n<p>164<br \/>00:23:04.020 &#8211;&gt; 00:23:11.370<br \/>Erik Collett: Right and will we use phones as a digital ID that we can say here, look at look at this.<\/p>\n<p>165<br \/>00:23:11.520 &#8211;&gt; 00:23:15.300<br \/>Erik Collett: And right, you know, is this verifiable so.<\/p>\n<p>166<br \/>00:23:16.320 &#8211;&gt; 00:23:20.640<br \/>Erik Collett: I i&#8217;m curious how technology will influence our reality.<\/p>\n<p>167<br \/>00:23:21.150 &#8211;&gt; 00:23:35.640<br \/>Andy Whiteside: yeah yeah i&#8217;ve got to fly somewhere in the morning, I need to check, so you have ever got my tsa number updated I went last week I just don&#8217;t ever got through or not always something to do but yeah i&#8217;m looking forward to the time when I don&#8217;t have to like they know who I am based on.<\/p>\n<p>168<br \/>00:23:35.700 &#8211;&gt; 00:23:51.180<br \/>Andy Whiteside: yeah Maybe my visual recognition as well as some real time push that you know, two elements of me being me proved, who I am and I can just walk through security and through the scanner of some type and not have to not have to have that uncomfortable awkward inconvenient experience.<\/p>\n<p>169<br \/>00:23:51.450 &#8211;&gt; 00:23:54.780<br \/>Erik Collett: yeah yeah it&#8217;s really nice to have.<\/p>\n<p>170<br \/>00:23:56.190 &#8211;&gt; 00:23:56.880<br \/>Erik Collett: it&#8217;s really nice.<\/p>\n<p>171<br \/>00:23:57.570 &#8211;&gt; 00:23:59.190<br \/>Andy Whiteside: that&#8217;s a good that&#8217;s a good.<\/p>\n<p>172<br \/>00:24:00.480 &#8211;&gt; 00:24:06.270<br \/>Andy Whiteside: way to end this i&#8217;ve got to go check that before tomorrow&#8217;s fly but Eric thanks for jumping on and appreciate you bringing topics as always.<\/p>\n<p>173<br \/>00:24:06.540 &#8211;&gt; 00:24:09.030<br \/>Erik Collett: yeah my pleasure see it.<\/p>\n<p>174<br \/>00:24:09.360 &#8211;&gt; 00:24:10.680<br \/>Andy Whiteside: we&#8217;ll do it again a couple weeks.<\/p>\n<p>175<br \/>00:24:10.710 &#8211;&gt; 00:24:11.280<br \/>Erik Collett: got it.<\/p>\n<p>176<br \/>00:24:11.580 &#8211;&gt; 00:24:12.000<br \/>Andy Whiteside: Thanks for.<\/p>\n<p><\/p>\n<\/div>","protected":false},"excerpt":{"rendered":"<p>Everyone reading this has probably heard that old rule of thumb that security and convenience are inversely proportional. In other words, increasing security comes with the cost of less convenience, &hellip;<\/p>","protected":false},"author":7,"featured_media":65954,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"_price":"","_stock":"","_tribe_ticket_header":"","_tribe_default_ticket_provider":"","_tribe_ticket_capacity":"0","_ticket_start_date":"","_ticket_end_date":"","_tribe_ticket_show_description":"","_tribe_ticket_show_not_going":false,"_tribe_ticket_use_global_stock":"","_tribe_ticket_global_stock_level":"","_global_stock_mode":"","_global_stock_cap":"","_tribe_rsvp_for_event":"","_tribe_ticket_going_count":"","_tribe_ticket_not_going_count":"","_tribe_tickets_list":"[]","_tribe_ticket_has_attendee_info_fields":false,"footnotes":""},"categories":[5],"tags":[],"class_list":["post-65975","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-podcast"],"acf":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.3 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>20: On the Horizon: Zero Trust avoids the traditional tradeoffs - XenTegra<\/title>\n<meta name=\"description\" content=\"Balancing security and convenience often involves tradeoffs, but Zero Trust shifts away from this sliding scale model.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/xentegra.com\/fr\/resources\/20-on-the-horizon-zero-trust-avoids-the-traditional-security-versus-convenience-tradeoffs\/\" \/>\n<meta property=\"og:locale\" content=\"fr_CA\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"20: On the Horizon: Zero Trust avoids the traditional tradeoffs - XenTegra\" \/>\n<meta property=\"og:description\" content=\"Balancing security and convenience often involves tradeoffs, but Zero Trust shifts away from this sliding scale model.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/xentegra.com\/fr\/resources\/20-on-the-horizon-zero-trust-avoids-the-traditional-security-versus-convenience-tradeoffs\/\" \/>\n<meta property=\"og:site_name\" content=\"XenTegra\" \/>\n<meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/XenTegra\/\" \/>\n<meta property=\"article:published_time\" content=\"2021-12-07T18:00:00+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2026-01-30T17:53:21+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/eadn-wc05-13529174.nxedge.io\/wp-content\/uploads\/2024\/03\/On-the-Horizon.png\" \/>\n\t<meta property=\"og:image:width\" content=\"1100\" \/>\n\t<meta property=\"og:image:height\" content=\"600\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/png\" \/>\n<meta name=\"author\" content=\"Chase Newmyer\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@xentegra\" \/>\n<meta name=\"twitter:site\" content=\"@xentegra\" \/>\n<meta name=\"twitter:label1\" content=\"\u00c9crit par\" \/>\n\t<meta name=\"twitter:data1\" content=\"Chase Newmyer\" \/>\n\t<meta name=\"twitter:label2\" content=\"Estimation du temps de lecture\" \/>\n\t<meta name=\"twitter:data2\" content=\"24 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/xentegra.com\\\/resources\\\/20-on-the-horizon-zero-trust-avoids-the-traditional-security-versus-convenience-tradeoffs\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/xentegra.com\\\/resources\\\/20-on-the-horizon-zero-trust-avoids-the-traditional-security-versus-convenience-tradeoffs\\\/\"},\"author\":{\"name\":\"Chase Newmyer\",\"@id\":\"https:\\\/\\\/xentegra.com\\\/#\\\/schema\\\/person\\\/84736408f096bfd92b80305aea8846a7\"},\"headline\":\"20: On the Horizon: Zero Trust avoids the traditional \u201csecurity versus convenience\u201d tradeoffs\",\"datePublished\":\"2021-12-07T18:00:00+00:00\",\"dateModified\":\"2026-01-30T17:53:21+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/xentegra.com\\\/resources\\\/20-on-the-horizon-zero-trust-avoids-the-traditional-security-versus-convenience-tradeoffs\\\/\"},\"wordCount\":5275,\"commentCount\":0,\"publisher\":{\"@id\":\"https:\\\/\\\/xentegra.com\\\/#organization\"},\"image\":{\"@id\":\"https:\\\/\\\/xentegra.com\\\/resources\\\/20-on-the-horizon-zero-trust-avoids-the-traditional-security-versus-convenience-tradeoffs\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/xentegra.com\\\/wp-content\\\/uploads\\\/2024\\\/03\\\/On-the-Horizon.png\",\"articleSection\":[\"Podcast\"],\"inLanguage\":\"fr-CA\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\\\/\\\/xentegra.com\\\/resources\\\/20-on-the-horizon-zero-trust-avoids-the-traditional-security-versus-convenience-tradeoffs\\\/#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/xentegra.com\\\/resources\\\/20-on-the-horizon-zero-trust-avoids-the-traditional-security-versus-convenience-tradeoffs\\\/\",\"url\":\"https:\\\/\\\/xentegra.com\\\/resources\\\/20-on-the-horizon-zero-trust-avoids-the-traditional-security-versus-convenience-tradeoffs\\\/\",\"name\":\"20: On the Horizon: Zero Trust avoids the traditional tradeoffs - XenTegra\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/xentegra.com\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/xentegra.com\\\/resources\\\/20-on-the-horizon-zero-trust-avoids-the-traditional-security-versus-convenience-tradeoffs\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/xentegra.com\\\/resources\\\/20-on-the-horizon-zero-trust-avoids-the-traditional-security-versus-convenience-tradeoffs\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/xentegra.com\\\/wp-content\\\/uploads\\\/2024\\\/03\\\/On-the-Horizon.png\",\"datePublished\":\"2021-12-07T18:00:00+00:00\",\"dateModified\":\"2026-01-30T17:53:21+00:00\",\"description\":\"Balancing security and convenience often involves tradeoffs, but Zero Trust shifts away from this sliding scale model.\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/xentegra.com\\\/resources\\\/20-on-the-horizon-zero-trust-avoids-the-traditional-security-versus-convenience-tradeoffs\\\/#breadcrumb\"},\"inLanguage\":\"fr-CA\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/xentegra.com\\\/resources\\\/20-on-the-horizon-zero-trust-avoids-the-traditional-security-versus-convenience-tradeoffs\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"fr-CA\",\"@id\":\"https:\\\/\\\/xentegra.com\\\/resources\\\/20-on-the-horizon-zero-trust-avoids-the-traditional-security-versus-convenience-tradeoffs\\\/#primaryimage\",\"url\":\"https:\\\/\\\/xentegra.com\\\/wp-content\\\/uploads\\\/2024\\\/03\\\/On-the-Horizon.png\",\"contentUrl\":\"https:\\\/\\\/xentegra.com\\\/wp-content\\\/uploads\\\/2024\\\/03\\\/On-the-Horizon.png\",\"width\":1100,\"height\":600},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/xentegra.com\\\/resources\\\/20-on-the-horizon-zero-trust-avoids-the-traditional-security-versus-convenience-tradeoffs\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/xentegra.com\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"20: On the Horizon: Zero Trust avoids the traditional \u201csecurity versus convenience\u201d tradeoffs\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/xentegra.com\\\/#website\",\"url\":\"https:\\\/\\\/xentegra.com\\\/\",\"name\":\"XenTegra\",\"description\":\"\",\"publisher\":{\"@id\":\"https:\\\/\\\/xentegra.com\\\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/xentegra.com\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"fr-CA\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/xentegra.com\\\/#organization\",\"name\":\"XenTegra\",\"url\":\"https:\\\/\\\/xentegra.com\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"fr-CA\",\"@id\":\"https:\\\/\\\/xentegra.com\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/xentegra.com\\\/wp-content\\\/uploads\\\/2023\\\/06\\\/1519903807641-min.jpg\",\"contentUrl\":\"https:\\\/\\\/xentegra.com\\\/wp-content\\\/uploads\\\/2023\\\/06\\\/1519903807641-min.jpg\",\"width\":200,\"height\":200,\"caption\":\"XenTegra\"},\"image\":{\"@id\":\"https:\\\/\\\/xentegra.com\\\/#\\\/schema\\\/logo\\\/image\\\/\"},\"sameAs\":[\"https:\\\/\\\/www.facebook.com\\\/XenTegra\\\/\",\"https:\\\/\\\/x.com\\\/xentegra\",\"https:\\\/\\\/www.linkedin.com\\\/company\\\/xentegra-llc\"]},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/xentegra.com\\\/#\\\/schema\\\/person\\\/84736408f096bfd92b80305aea8846a7\",\"name\":\"Chase Newmyer\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"fr-CA\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/d46cd44f0bd433dc5a386cbac549c62fd92266e3951669c705b347be2130cca3?s=96&d=mm&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/d46cd44f0bd433dc5a386cbac549c62fd92266e3951669c705b347be2130cca3?s=96&d=mm&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/d46cd44f0bd433dc5a386cbac549c62fd92266e3951669c705b347be2130cca3?s=96&d=mm&r=g\",\"caption\":\"Chase Newmyer\"},\"url\":\"https:\\\/\\\/xentegra.com\\\/fr\\\/resources\\\/author\\\/chasenewmyer\\\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"20: On the Horizon: Zero Trust avoids the traditional tradeoffs - XenTegra","description":"Balancing security and convenience often involves tradeoffs, but Zero Trust shifts away from this sliding scale model.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/xentegra.com\/fr\/resources\/20-on-the-horizon-zero-trust-avoids-the-traditional-security-versus-convenience-tradeoffs\/","og_locale":"fr_CA","og_type":"article","og_title":"20: On the Horizon: Zero Trust avoids the traditional tradeoffs - XenTegra","og_description":"Balancing security and convenience often involves tradeoffs, but Zero Trust shifts away from this sliding scale model.","og_url":"https:\/\/xentegra.com\/fr\/resources\/20-on-the-horizon-zero-trust-avoids-the-traditional-security-versus-convenience-tradeoffs\/","og_site_name":"XenTegra","article_publisher":"https:\/\/www.facebook.com\/XenTegra\/","article_published_time":"2021-12-07T18:00:00+00:00","article_modified_time":"2026-01-30T17:53:21+00:00","og_image":[{"width":1100,"height":600,"url":"https:\/\/eadn-wc05-13529174.nxedge.io\/wp-content\/uploads\/2024\/03\/On-the-Horizon.png","type":"image\/png"}],"author":"Chase Newmyer","twitter_card":"summary_large_image","twitter_creator":"@xentegra","twitter_site":"@xentegra","twitter_misc":{"\u00c9crit par":"Chase Newmyer","Estimation du temps de lecture":"24 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/xentegra.com\/resources\/20-on-the-horizon-zero-trust-avoids-the-traditional-security-versus-convenience-tradeoffs\/#article","isPartOf":{"@id":"https:\/\/xentegra.com\/resources\/20-on-the-horizon-zero-trust-avoids-the-traditional-security-versus-convenience-tradeoffs\/"},"author":{"name":"Chase Newmyer","@id":"https:\/\/xentegra.com\/#\/schema\/person\/84736408f096bfd92b80305aea8846a7"},"headline":"20: On the Horizon: Zero Trust avoids the traditional \u201csecurity versus convenience\u201d tradeoffs","datePublished":"2021-12-07T18:00:00+00:00","dateModified":"2026-01-30T17:53:21+00:00","mainEntityOfPage":{"@id":"https:\/\/xentegra.com\/resources\/20-on-the-horizon-zero-trust-avoids-the-traditional-security-versus-convenience-tradeoffs\/"},"wordCount":5275,"commentCount":0,"publisher":{"@id":"https:\/\/xentegra.com\/#organization"},"image":{"@id":"https:\/\/xentegra.com\/resources\/20-on-the-horizon-zero-trust-avoids-the-traditional-security-versus-convenience-tradeoffs\/#primaryimage"},"thumbnailUrl":"https:\/\/eadn-wc05-13529174.nxedge.io\/wp-content\/uploads\/2024\/03\/On-the-Horizon.png","articleSection":["Podcast"],"inLanguage":"fr-CA","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/xentegra.com\/resources\/20-on-the-horizon-zero-trust-avoids-the-traditional-security-versus-convenience-tradeoffs\/#respond"]}]},{"@type":"WebPage","@id":"https:\/\/xentegra.com\/resources\/20-on-the-horizon-zero-trust-avoids-the-traditional-security-versus-convenience-tradeoffs\/","url":"https:\/\/xentegra.com\/resources\/20-on-the-horizon-zero-trust-avoids-the-traditional-security-versus-convenience-tradeoffs\/","name":"20: On the Horizon: Zero Trust avoids the traditional tradeoffs - XenTegra","isPartOf":{"@id":"https:\/\/xentegra.com\/#website"},"primaryImageOfPage":{"@id":"https:\/\/xentegra.com\/resources\/20-on-the-horizon-zero-trust-avoids-the-traditional-security-versus-convenience-tradeoffs\/#primaryimage"},"image":{"@id":"https:\/\/xentegra.com\/resources\/20-on-the-horizon-zero-trust-avoids-the-traditional-security-versus-convenience-tradeoffs\/#primaryimage"},"thumbnailUrl":"https:\/\/eadn-wc05-13529174.nxedge.io\/wp-content\/uploads\/2024\/03\/On-the-Horizon.png","datePublished":"2021-12-07T18:00:00+00:00","dateModified":"2026-01-30T17:53:21+00:00","description":"Balancing security and convenience often involves tradeoffs, but Zero Trust shifts away from this sliding scale model.","breadcrumb":{"@id":"https:\/\/xentegra.com\/resources\/20-on-the-horizon-zero-trust-avoids-the-traditional-security-versus-convenience-tradeoffs\/#breadcrumb"},"inLanguage":"fr-CA","potentialAction":[{"@type":"ReadAction","target":["https:\/\/xentegra.com\/resources\/20-on-the-horizon-zero-trust-avoids-the-traditional-security-versus-convenience-tradeoffs\/"]}]},{"@type":"ImageObject","inLanguage":"fr-CA","@id":"https:\/\/xentegra.com\/resources\/20-on-the-horizon-zero-trust-avoids-the-traditional-security-versus-convenience-tradeoffs\/#primaryimage","url":"https:\/\/eadn-wc05-13529174.nxedge.io\/wp-content\/uploads\/2024\/03\/On-the-Horizon.png","contentUrl":"https:\/\/eadn-wc05-13529174.nxedge.io\/wp-content\/uploads\/2024\/03\/On-the-Horizon.png","width":1100,"height":600},{"@type":"BreadcrumbList","@id":"https:\/\/xentegra.com\/resources\/20-on-the-horizon-zero-trust-avoids-the-traditional-security-versus-convenience-tradeoffs\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/xentegra.com\/"},{"@type":"ListItem","position":2,"name":"20: On the Horizon: Zero Trust avoids the traditional \u201csecurity versus convenience\u201d tradeoffs"}]},{"@type":"WebSite","@id":"https:\/\/xentegra.com\/#website","url":"https:\/\/xentegra.com\/","name":"XenTegra","description":"","publisher":{"@id":"https:\/\/xentegra.com\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/xentegra.com\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"fr-CA"},{"@type":"Organization","@id":"https:\/\/xentegra.com\/#organization","name":"XenTegra","url":"https:\/\/xentegra.com\/","logo":{"@type":"ImageObject","inLanguage":"fr-CA","@id":"https:\/\/xentegra.com\/#\/schema\/logo\/image\/","url":"https:\/\/eadn-wc05-13529174.nxedge.io\/wp-content\/uploads\/2023\/06\/1519903807641-min.jpg","contentUrl":"https:\/\/eadn-wc05-13529174.nxedge.io\/wp-content\/uploads\/2023\/06\/1519903807641-min.jpg","width":200,"height":200,"caption":"XenTegra"},"image":{"@id":"https:\/\/xentegra.com\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/www.facebook.com\/XenTegra\/","https:\/\/x.com\/xentegra","https:\/\/www.linkedin.com\/company\/xentegra-llc"]},{"@type":"Person","@id":"https:\/\/xentegra.com\/#\/schema\/person\/84736408f096bfd92b80305aea8846a7","name":"Chase Newmyer","image":{"@type":"ImageObject","inLanguage":"fr-CA","@id":"https:\/\/secure.gravatar.com\/avatar\/d46cd44f0bd433dc5a386cbac549c62fd92266e3951669c705b347be2130cca3?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/d46cd44f0bd433dc5a386cbac549c62fd92266e3951669c705b347be2130cca3?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/d46cd44f0bd433dc5a386cbac549c62fd92266e3951669c705b347be2130cca3?s=96&d=mm&r=g","caption":"Chase Newmyer"},"url":"https:\/\/xentegra.com\/fr\/resources\/author\/chasenewmyer\/"}]}},"_links":{"self":[{"href":"https:\/\/xentegra.com\/fr\/wp-json\/wp\/v2\/posts\/65975","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/xentegra.com\/fr\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/xentegra.com\/fr\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/xentegra.com\/fr\/wp-json\/wp\/v2\/users\/7"}],"replies":[{"embeddable":true,"href":"https:\/\/xentegra.com\/fr\/wp-json\/wp\/v2\/comments?post=65975"}],"version-history":[{"count":3907,"href":"https:\/\/xentegra.com\/fr\/wp-json\/wp\/v2\/posts\/65975\/revisions"}],"predecessor-version":[{"id":716282,"href":"https:\/\/xentegra.com\/fr\/wp-json\/wp\/v2\/posts\/65975\/revisions\/716282"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/xentegra.com\/fr\/wp-json\/wp\/v2\/media\/65954"}],"wp:attachment":[{"href":"https:\/\/xentegra.com\/fr\/wp-json\/wp\/v2\/media?parent=65975"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/xentegra.com\/fr\/wp-json\/wp\/v2\/categories?post=65975"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/xentegra.com\/fr\/wp-json\/wp\/v2\/tags?post=65975"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}