Commit 985afa2

Update src/content/docs/reference-architecture/design-guides/zero-trust-for-saas.mdx
Co-authored-by: hyperlint-ai[bot] <154288675+hyperlint-ai[bot]@users.noreply.github.com>
1 parent a38590c commit 985afa2

1 file changed

+1
-1
lines changed

src/content/docs/reference-architecture/design-guides/zero-trust-for-saas.mdx

Lines changed: 1 addition & 1 deletion
@@ -28,7 +28,7 @@ Along with these advantages, SaaS applications introduce new challenges and secu
2828
The ease with which users can sign up for new SaaS services, particularly free and popular ones, often leaves IT teams unaware of all the applications employees use - a trend known as [Shadow IT](https://www.cloudflare.com/en-gb/learning/access-management/what-is-shadow-it/). These unmanaged SaaS applications can be misused by employees, either intentionally or accidentally, potentially leading to data leaks due to the upload of sensitive data into applications that are not under the control of the IT team.
2929

3030
Trying to use a [traditional castle-and-moat security model](https://www.cloudflare.com/en-gb/learning/access-management/castle-and-moat-network-security/) is unsuitable for SaaS applications, as the services and their data are no longer confined to on-premises data centers within an enterprise network. This outdated approach forces a trade-off between security and performance:
31-
- One strategy organizations adopt to enhance security involves shielding SaaS applications from the broader Internet by implementing IP allow lists and routing traffic through the organizations data center. This approach also enables the inspection of traffic for on-premises applications. However, this method negatively impacts the user experience, leading to increased latency and reduced bandwidth when routing all traffic through a single data center.
31+
- One strategy organizations adopt to enhance security involves shielding SaaS applications from the broader Internet by implementing IP allow lists and routing traffic through the organization's data center. This approach also enables the inspection of traffic for on-premises applications. However, this method negatively impacts the user experience, leading to increased latency and reduced bandwidth when routing all traffic through a single data center.
3232
- Conversely, if user traffic is sent directly to the Internet, bypassing a local VPN client by using split tunneling, security and visibility are compromised as enterprise network controls are bypassed (and IP allow lists are no longer feasible).
3333

3434
![Figure 1: Two different routes to a SaaS application, one secure but low performance, the second fast but less security.](~/assets/images/reference-architecture/zero-trust-for-saas/zero-trust-saas-image-01.svg "Figure 1: Two different routes to a SaaS application, one secure but low performance, the second fast but less security.")
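
Review bot: On line 34 the Figure 1 alt text and title both still end with "the second fast but less security", which should read "the second fast but less secure" in both attributes, since this commit is already a grammar pass over the paragraph. The lead-in on line 30, "Trying to use a traditional castle-and-moat security model is unsuitable for SaaS applications", would read more cleanly as "A traditional castle-and-moat security model is unsuitable for SaaS applications". The possessive fix on line 31 ("the organization's data center") is correct as written.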
