As artificial intelligence tools become more embedded in everyday workflows, a quiet revolution is unfolding across workplaces: employees are increasingly using AI tools without IT approval, a phenomenon now dubbed “shadow AI”.
A recent survey by Software AG revealed that nearly half of all knowledge workers are using personal AI tools in the course of their work. The motivation? A lack of employer-approved tools, or a desire for more flexible, powerful solutions than those currently provided.
While this growing reliance on unsanctioned AI may boost individual productivity, it introduces serious legal, regulatory and security risks. Sensitive company data, trade secrets or personal information may be processed or stored in external systems beyond the employer’s visibility or control, heightening the risk of data breaches and non-compliance with data protection laws.
According to Harmonic Security, over 5,000 AI applications have been detected in workplaces, including customised ChatGPT instances and AI-enhanced versions of common business software. This widespread use underscores just how easily AI can enter an organisation through the back door.
To regain control, many employers are now developing internal AI tools that strike a balance between employee needs and compliance standards. These solutions aim to enable safe, secure use of AI while maintaining oversight over how and where sensitive data is handled.
