Bytes - Smarter together
Bytes - Smarter together

Why Unified Data Security is Essential in 2025

Wednesday 12th March 2025

 
Rich Beckett
Senior Product Marketing Manager
Author
 
Daniela Miccardi
Cyber Security & Enterprise Networking Manager
Editor

The growing challenge of data security

As organisations rapidly adopt generative AI and other innovations, data is spreading across SaaS applications, public and private clouds, and on-premise systems—way beyond traditional security perimeters.

SaaS proliferation is a major factor. While corporate applications may be well managed, personal app usage is rampant, with over a quarter of users uploading, posting, or sending data to personal apps each month. Shadow IT further complicates the landscape, as unapproved apps and services handle corporate data. Data moves freely between these tools, often without security controls.

But nothing has increased the speed at which we access and interact with data like generative AI (genAI). Adoption is surging, with the number of genAI users tripling in the past year and 94% of organisations now using AI-powered applications, according to Netskope Threat Labs. However, this increases data risk, as sensitive information is shared with AI tools without oversight.

Remote and hybrid work exacerbate these challenges by blurring security perimeters. Employees access data from anywhere, making it harder to control where information flows.

Step 1: Achieving visibility

Before protecting data, organisations must know where it is. Visibility is the foundation of data security, yet achieving it is increasingly difficult.

Data no longer sits in one place—it moves across applications, cloud environments, and devices. Many systems communicate through encrypted APIs, with 90% of cloud traffic now encrypted, complicating inspection.

This is why security needs to work with networking or, in other words, secure access service edge (SASE). Organisations need to decrypt, inspect, and re-encrypt traffic to see data at scale without compromising performance. Many struggle with this, even major SaaS providers, but without inline inspection, organisations cannot track data movement, app usage, or risks, increasing the likelihood of leaks.

Fortunately, exciting new technologies like data security posture management (DSPM) are now helping organisations see even further to answer key questions:

  • Where is our data?
  • What type of data do we have?
  • Who has access?

What risky interactions are occurring?

By addressing these, organisations can locate, classify, and secure sensitive data, uncovering hidden stores they didn't realize existed.

Step 2: Taking control with analytics

Once you have visibility, the next step is control. This is where analytics comes in. Security teams already deploy tools like secure web gateways (SWG), cloud access security brokers (CASB), and data loss prevention (DLP), but without analytics, they fail to maximize value.

With the right tools, organisations can answer key questions:

  • Who is accessing critical data?
  • What apps are being used?
  • How frequently?
  • Where is data moving?
  • Are users behaving normally, or is there an insider threat?

Analytics shifts security from reactive to proactive. It enables organisations to prevent breaches, improve decision-making through data visualization, identify unnecessary app usage, and ensure compliance.

Analytics can also drive cost savings. By tracking cloud service usage, organisations can identify redundant apps, consolidate licensing, and eliminate wasteful expenses.

Step 3: Staying compliant while using genAI

We all want to take advantage of genAI. But with all new technologies, it's easy to not know where to start. Most use cases fall into three categories: standalone genAI apps (e.g., ChatGPT), AI-augmented SaaS apps (e.g., Salesforce, Grammarly), and AI-driven assistants (e.g., Microsoft 365 Copilot). Despite the AI buzz, these remain SaaS applications at their core.

AI-specific regulations are evolving, but existing data privacy laws like GDPR still apply. Organisations must classify and label data, enforce access controls, and track data flows to ensure compliance.

This is where SASE and zero trust excel. Security, data protection, and GRC teams can:

  • Continuously assess AI apps and plug-ins
  • Evaluate data privacy, compliance, security controls, and disaster recovery plans
  • Continuously discover, classify, and monitor data interactions
  • Implement dynamic access controls based on risk levels

To give you an idea of the scale of assessment needed, at Netskope we now assess more than 80,000 applications. And to match the pace of AI app development, we ourselves use genAI to automate and scale these analyses continuously.

Step 4: Managing hybrid work risks

Hybrid work is here to stay, but it also increases security risks. The latest Verizon Data Breach Report reveals that 68% of breaches involve human error. With employees working remotely, security can no longer be tied to a single location. Instead, security must follow the data.

Each user effectively acts as their own security perimeter, choosing which apps to use and where to send data—introducing new vulnerabilities. Legacy VPNs are ineffective, granting overly broad access and exposing organisations to risk.

A better alternative is zero trust network access (ZTNA), which enforces security at the application level:

  • Applications remain hidden from the public internet, reducing attack surfaces
  • Access is granted only to specific users for specific apps, minimizing exposure
  • Trust is adaptive, based on identity, device posture, and real-time behavior analysis

By replacing VPNs with ZTNA, organisations can secure their hybrid workforce, reducing human error and risk exposure while ensuring security moves with the data.

Step 5: The power of zero trust

Zero trust is a top security priority in 2025 because it shifts protection from the network perimeter to the data itself.

Every request is verified based on identity, device, location, and intent, providing full transparency over critical data. Keeping attackers out is no longer enough; even trusted users and applications require strict, contextual access controls. Without zero trust, organisations lack granular visibility into their data security landscape and that prevents you from applying granular policies to enable new technologies like genAI without the risk.

Wrapping up

Data security in 2025 is more complex than ever, but a unified approach that integrates security and network controls through a SASE architecture makes it manageable. By combining visibility, analytics, unified data protection controls, AI governance, hybrid work protections, and zero trust, organisations can secure their data wherever it goes.

The key takeaway? Security isn’t just about blocking threats—it’s about enabling safe, smart, and efficient ways to work in a borderless data environment.

______________________________

Keen to learn more about how Bytes and Netskope can transform your Cyber Security strategy? Reach out to your Bytes Account Manager, or email [email protected].

Want to keep informed? Sign up to our Newsletter

Connect