In 2015, the defining unauthorized technology problem was shadow IT — employees spinning up unauthorized cloud instances, using unapproved SaaS tools, and bypassing IT procurement. Security teams spent years building visibility into this phenomenon. Many organizations are still fighting it. Now there is a new challenge that makes shadow IT look quaint: Shadow AI.
Shadow AI is the proliferation of unauthorized, unmonitored, and ungoverned AI tools across enterprise environments. Unlike shadow IT, where the primary risk was data being stored in the wrong place, shadow AI creates a data exfiltration surface of an entirely different magnitude — one where employees are actively feeding sensitive corporate data into models trained by unknown parties, with unknown data retention policies, under terms of service their security teams have never reviewed.
The Scale of the Problem
Our research across enterprise clients in Q4 2025 found that in organizations with 1,000 or more employees:
- 73% had employees regularly using AI tools not approved by IT security
- 61% had employees pasting proprietary source code into public AI assistants
- 48% had employees uploading internal documents, including confidential contracts and HR records, to consumer AI services
- 34% had employees using AI tools that had terms of service explicitly allowing the provider to use submitted data for model training
- 22% had employees using AI browser extensions with broad access to all web content — including internal systems accessed through the browser
These numbers represent an ongoing, uncontrolled data exfiltration event affecting the majority of large enterprises. Most of it is not malicious — employees are using tools they find useful, unaware of the security implications. The intent is irrelevant; the exposure is real.
A developer who pastes proprietary algorithm code into a consumer AI assistant to get debugging help has just potentially transferred your intellectual property to a third party's training corpus. They meant no harm. The harm happened anyway.
What Gets Exposed
Intellectual Property and Source Code
Code assistants are among the most commonly used shadow AI tools. Developers routinely paste proprietary algorithms, internal API specifications, database schemas, and architectural details into public coding assistants. Beyond the immediate data exposure, this creates a subtle long-term risk: if the AI provider uses submitted queries for training, your proprietary code may eventually influence the outputs provided to competitors using the same service.
Customer and Employee PII
Customer service and HR employees frequently use AI writing assistants to draft communications. Without guardrails, these tools receive full customer records, employee performance reviews, salary information, medical accommodation details, and other highly sensitive PII. The regulatory implications under GDPR, CCPA, and sector-specific privacy laws are severe — transferring this data to an unauthorized third party may constitute a reportable breach regardless of whether the data is subsequently misused.
Strategic and Financial Information
Executives and business analysts using AI tools for analysis and presentation drafting expose strategic plans, financial forecasts, M&A discussions, and competitive intelligence. This information, once submitted to an external AI service, is outside the organization's control entirely. If the AI provider is compromised, or if their data retention policies are insufficient, this information may surface in ways the organization cannot anticipate or control.
Credentials and Security Configurations
Infrastructure teams pasting configuration files, Kubernetes manifests, Terraform code, or deployment scripts into AI assistants for troubleshooting frequently expose secrets embedded in those files: API keys, database connection strings, private certificates, and internal endpoint URLs. This is arguably the highest-risk shadow AI exposure because the consequences can be immediate and severe.
Building a Shadow AI Governance Program
Discovery Before Policy
You cannot govern what you cannot see. Begin with a discovery phase that maps actual AI tool usage across the organization. Network traffic analysis, browser extension inventories, DLP telemetry, and direct employee surveys (properly anonymous to encourage honesty) will reveal which tools are in use and what data types are being submitted. This baseline is essential — AI governance policies built without usage data will be both over-restrictive in irrelevant areas and under-restrictive where the real risk exists.
Risk-Tiered AI Tool Classification
Not all unauthorized AI tools carry the same risk. Classify discovered tools across dimensions of data retention policy, terms of service permissiveness, security certification, provider jurisdiction, and data residency. Create a tiered classification:
- Approved: Tools that have passed security review and are permitted for specific use cases with defined data handling guidelines
- Conditionally approved: Tools that are permitted for non-sensitive data use cases pending full review
- Under review: Tools in assessment — pending classification
- Prohibited: Tools with unacceptable data handling practices, opaque terms of service, or identified security deficiencies
DLP Integration for AI Traffic
Extend your Data Loss Prevention infrastructure to monitor traffic destined for AI endpoints. Configure policies that detect and block uploads of content matching sensitive data patterns — PII, credentials, proprietary code signatures, and document classification markers — to non-approved AI services. This is not a replacement for governance, but it provides a technical safety net while organizational policies mature.
The Approved AI Program
Prohibition alone does not work. Employees use shadow AI because it makes them more productive and the approved alternatives are inadequate or nonexistent. A successful shadow AI governance program provides better, safer alternatives — enterprise AI tools with contractual data protection guarantees, data residency commitments, no training on customer data, and security certifications your legal and compliance teams have approved. Make the safe path the easy path.
Shadow AI as a Canary
Beyond the direct security risks, high rates of shadow AI usage are a signal that deserves attention in its own right. Employees seeking unauthorized tools are usually doing so because their authorized tools are insufficient for the work they are trying to do. Shadow AI adoption is a leading indicator of the AI capabilities gap between what employees need and what IT is providing. Organizations that respond to shadow AI exclusively with prohibition and enforcement — without addressing the underlying productivity need — will find that shadow AI spreads underground rather than disappearing.
The goal is not a shadow-AI-free enterprise. It is an enterprise where AI adoption happens in the open, with appropriate security controls, because the secure path is better than the insecure alternative. Contact our team for a shadow AI risk assessment and governance roadmap.