By focusing on the way in which applications are accessed, an enterprise can alter the way in which it secures information. Technology exists today that allows for an application-centric trust model regardless of where an application is hosted and regardless of where the endpoint is located. The third in a series on enterprise information security architecture (EISA), this analyst brief envisages an enterprise trust model free of the shackles of hardware-centric information security.