What is Shadow AI?
Many organizations are seeking to benefit from the productivity and innovation that AI can provide. However, the use of AI elevates risk to data security, compliance, and corporate reputation. Organizations are discovering that some employees are using publicly available models or applications without IT oversight, adding to the problem of Shadow AI. Shadow AI, in this context, means the unauthorized use of publicly available AI tools and models by employees without IT oversight. This problem has emerged as a critical issue for today’s organizations. This category of Shadow AI includes AI chatbots, coding assistants, and analytics platforms typically accessed via the web or APIs, and which often bypass traditional security controls and security governance.
Shadow AI tools such as OpenAI’s ChatGPT, Google Gemini, GitHub Copilot, and even writing tools like Grammarly, when used without IT oversight, create new risks for organizations. These risks are multifaceted but typically center around the potential for data leakage, loss, and manipulation. Typically, data leakage and loss of confidentiality are the top-of-mind considerations when assessing the risk of Shadow AI to an organization.
Why is Shadow AI considered a risk to organizations?
Your confidential data may be training other companies’ AI models
When using Shadow AI tools without the appropriate oversight and control, oftentimes users upload sensitive data to the AI platform. Once uploaded, many of these public AI platforms may use the data to further train their models. Once the data is uploaded and used to train the model, there is a risk that the data can be extracted by other users purposely or appear randomly in the AI responses for other users.
One example of data inadvertently being exposed via the use of Shadow AI is the 2022 code leak experienced by Samsung1, where proprietary code was exposed unintentionally because employees were inputting the code to public AI services to perform their jobs.
In addition to data leakage and confidentiality, the use of these Shadow AI tools often circumvents controls implemented to ensure compliance with regulatory requirements (GDPR, HIPAA, CCPA). By circumventing controls and potentially exposing protected data, users expose their organization to regulatory penalties and legal liability. The risk to compliance is the same as the risk of data in general. If the data is uploaded to the AI provider, stored by the provider, and used to train the model, data confidentiality is likely to be breached as the data is used by the AI service—meaning the data per the default settings of the AI service can be shared to anyone by the AI service. This sharing of protected data can have serious implications for the organization.
Shadow AI can also lead to third-party risk
Additional risk to compliance with regulatory requirements can come from an often-overlooked area of vulnerability: third-party risk. Some of these public AI providers often have hidden supply chain vulnerabilities or are subject to foreign data laws due to the location of the data used to train the model. Depending on which country the AI providers store their data, there are risks related to the security and legal use of the data. These risks have led several countries to restrict or ban certain public AI models due to security and privacy concerns. Third-party risk related to the use of public AI may also pose bias issues when public AI is used in business decision-making.
Many employees have admitted to using publicly available AI to generate business insights or business strategy. Often, they use AI to accelerate the production of reports, plans, and other materials. On the surface, it is logical that one could take raw data related to their job and run the data through an AI model to add velocity to their work output. However, there is a risk that the data used to train the AI model is unverified and biased, and the model hallucinates an answer. In all three of the prior cases, there is a lack of visibility into how decisions related to the information in the response were made. This lack of visibility leads to the risk of errors, bias, or even lawsuits.
How can organizations effectively manage Shadow AI?
Today’s tools are not equipped to mitigate the risks presented by public AI. It is often difficult for traditional security tools to determine which sites contain AI tools, leaving organizations grappling with how to enforce control. Additionally, many public AI tools use APIs that bypass traditional secure web gateway (SWG) controls. The goal of controlling AI use in an organization should not be to totally prohibit the use of public AI tools. The goal should be to ensure that sensitive data is not being used in unapproved AI tools.
Why traditional network security fails against Shadow AI
Simply blocking the use of AI in an organization creates a false sense of security. Users will find ways around the blocks and continue to put sensitive data at risk. Many experts advise that organizations provide a sanctioned AI platform for use with sensitive data and control the input of sensitive data to other AI platforms. There are tools available today that incorporate current security controls, allowing organizations to limit the sharing of sensitive data with unsanctioned AI platforms and coach and enforce the use of sanctioned AI when working with sensitive data. This approach allows employees flexibility by enabling them to use public AI while ensuring that sensitive corporate data is not shared with public AI providers.
The problem of public Shadow AI use is prevalent in today’s workforce. Public AI tools are easily accessible and lower the technical barriers to use. This means that the use of public AI tools is not limited to technical staff and tinkerers. Studies have shown that over half of the workforce uses public AI tools on a weekly basis. Many of these employees will admit to sharing sensitive data through their use of public AI.
So, how can organizations effectively manage Shadow AI?
Here are five strategies that organizations can implement to address the public Shadow AI problem.
1. Establish governance: Develop and enforce AI-specific policies. These policies should be reviewed often to keep pace with new AI tools and features.
2. Define acceptable use: Clearly outline approved AI tools and use cases. Define data boundaries for sensitive data, such as prohibiting sensitive data in public AI platforms. Create a process to request new technology tools, reducing rogue adoption.
3. Educate employees: Emphasize the risks posed by using public AI, linking the risks to existing polices. Educate on the bias, transparency, and accountability risks faced when using AI to drive decision-making.
4. Adopt Zero Trust principles: Implement controls that can enable granular access control and data protection for AI platforms. Enforce multi-factor authentication (MFA) and single sign-on (SSO) on sanctioned AI platforms. Enforce data controls to stop the input of sensitive information into public AI platforms.
5. Enable continuous monitoring: Monitor for changes to the environment or data leakage. Use tools to monitor the installation of new software and AI access via API or firewall, and use SaaS security posture management (SSPM) tools to review AI usage in sanctioned applications.
The use of public AI models without oversight poses risks to organizations via data leaks, compliance violations, and faulty decision-making. To help you identify and address exposures like Shadow AI, we offer a complimentary Zero Trust and SASE Readiness Workshop with GDT experts. During this half-day workshop, we evaluate your existing architecture and security needs, review your readiness to adopt a Zero Trust and/or SASE model, identify opportunities for improvement, and more—with the outcome being a roadmap to help you accelerate your Zero Trust and SASE efforts.
As part of this workshop, we also put together an AI Risk Report. This AI Risk Report will show you which public AI tools are being used in your environment, what data is being shared with the tools, and insights to help you demonstrate the risk posed by public AI model use to your organization. GDT also offers a more general workshop focused on your overall security posture. You can learn more and schedule either workshop here.
- Samsung Bans ChatGPT Among Employees After Sensitive Code Leak. Forbes. Retrieved May 28, 2025, from https://www.forbes.com/sites/siladityaray/2023/05/02/samsung-bans-chatgpt-and-other-chatbots-for-employees-after-sensitive-code-leak/ ↩︎
