You need to quickly translate a piece of text, summarize a document, or rewrite an email. There's no official way to do it, or it's slow. So you open what you know – your personal account, a free version of something that works.

And that's exactly how shadow AI is born.

What is shadow AI?

Shadow AI is when people in a company use AI tools the company doesn't know about. It's not hacking. It's not sabotage. It's someone who wants to get work done and has something at hand that works.

The problem isn't the tool. The problem is that the company has no idea where its data is flowing.

Real numbers: according to the IBM Cost of a Data Breach Report 2025, one in five companies experienced a security incident due to shadow AI. Those incidents cost on average $670,000 more than regular data breaches, because they take longer to find (291 days on average), involve more sensitive content, and the company has no audit trail or vendor contract.

Why it happens

The reasons are usually few, and none of them involve bad intent:

  • The company doesn't have an official tool, or it's hard to get access
  • The approval process takes weeks and the person needs results now
  • Nobody ever said it wasn't OK
  • People simply don't know there's a difference between "using it at home" and "using it for company work"

And so you end up with a team of five people using five different tools, each on their personal account. And nobody knows what went where.

45%

of employees actively use AI tools (LayerX Security Report 2025)

77%

of them paste work content – documents, emails, meeting notes

82%

of these inputs happen through personal accounts, without the company's knowledge

22%

contain directly sensitive data – personal info or financial information

What can happen: Samsung, 2023

One of the most well-known shadow AI cases. Samsung allowed engineers to use ChatGPT with a warning not to put sensitive things in there. Within three weeks, three separate incidents occurred:

  1. An engineer pasted source code from an internal semiconductor measurement program, looking for a bug fix.
  2. Another sent code for optimizing test sequences to identify defective chips.
  3. A third uploaded a recording from a company meeting to a transcription tool, then pasted the output into ChatGPT to create meeting minutes.

Samsung's sensitive data – source code, internal processes, meeting content – ended up on OpenAI's servers. Samsung couldn't get it back, because at the time ChatGPT used user inputs for further training by default.

Samsung then banned the use of generative AI entirely and began developing its own internal tool.

These weren't bad people. They were engineers who wanted to solve a problem quickly.

Why it's a problem

Here we come back to the three questions from Part 1: where does data flow, who has access, how long does it stay.

With shadow AI, the answer to all three is: "We don't know."

And that's the real issue. The company has no overview of what tools are being used, no contractual relationship with the vendor, no audit trail, no ability to manage retention or deletion, and in the event of an incident, nothing to show.

According to IBM, discovering a shadow AI-related incident takes 26.2% longer and 20.2% longer to contain, averaging 291 days total. That's more than nine months where the company doesn't know it has a problem.

It's not just about big companies

Samsung is a large company with thousands of employees. But shadow AI affects small and mid-sized companies too, perhaps even more so. Because they often lack clear policies, have a smaller (or no) IT department, and people are used to solving things on their own.

Most people don't know they're doing something wrong. Because nobody told them.

"Let's just ban it"

This is most companies' first instinct. Write an internal policy: "AI tools are prohibited."

And the result? People keep using them, they just stop talking about it.

Bans without alternatives don't work. People aren't stupid – they know AI saves them hours of work. When you tell them "you can't," but don't give them another way, they'll take the one that works. And you won't know about it.

What to do instead

The only approach that actually works is a combination of three things:

1. Give people an alternative

Something that's equally fast and simple, but under company control. A tool with clear data flow, contractual guarantees, roles, and audit. If this doesn't exist, people will find their own solution.

It's not about having the "best" tool on the market. It's about having a tool that's good enough and secure at the same time. Because the most secure tool that nobody uses won't help you.

2. Clearly state what's OK and what's not

Not a fifty-page policy. One paragraph: "For personal notes and public information, go ahead. For anything internal, client-related, or sensitive – approved tools only." And most importantly: tell people before something happens.

3. Explain why

Most people have no idea what happens to data behind the scenes. When you show them that free versions may have training turned on by default, that support can see content, that logs exist for months – they understand. It's not about policing, it's about protecting the company and themselves.

Conclusion

Shadow AI is not a problem of bad people. It's a problem of missing rules and missing alternatives.

When you tell people "don't do this" and don't give them another way, they'll do it anyway, just secretly. And you lose control.

The best prevention? Give people a tool they can use with a clear conscience. And a simple answer to the question: "Is this safe?"

There's no universal recipe for what to use instead of risky tools – every company has different processes, data, and risk levels. If you'd like to discuss what makes sense in your case, get in touch.