Security teams curb shadow AI without slowing staff
Gartner found 69% of organizations suspect or confirmed use of prohibited AI tools and only 37% have AI governance. Security leaders outline five measures to detect and manage shadow AI.
Gartner research shows 69% of organizations suspect or have confirmed that employees are using prohibited AI tools at work, while only 37% report having an AI governance policy. Security teams are confronting a growing gap as employees run three to five AI tools a day, many of which were never reviewed by IT and can access corporate data through quick OAuth logins or browser sessions.
Many AI tools do not pass through the corporate network, so traditional monitoring that focuses on email and network traffic misses them. OAuth approvals can grant third-party services read or write access to Google Workspace or Microsoft 365, exposing shared drives, emails and internal documents. Browser extensions and embedded AI features in approved vendor products can bypass endpoint management, and employees often adopt new tools faster than procurement or security can evaluate them.
First, security teams should build an accurate inventory of the AI tools in use. Auditing connected third-party apps and sorting them by permission scope identifies the tools with broad access to corporate data. Scanning for browser extensions, using a browser management solution or a lightweight agent, surfaces tools that endpoint management misses. Teams should also check for new AI features added to existing vendor products and run short employee surveys to capture tools that automated scans overlook. The inventory should link each tool to who is using it and what data it can reach.
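The OAuth audit described above can be scripted once the tenant's token grants are exported. The following is an added example, not code from the original article or from any vendor: it folds per-user grant records into one inventory entry per app (who uses it, what scopes it holds) and ranks apps for review by the broadest scope they were granted, with user count as the tie-breaker. The scope URLs are real Google API scope identifiers, but the risk tier assigned to each is this example's own judgement, the grant records are constructed, and the record layout (app name, user, scope list) is an assumption; a real audit would pull these from the Workspace admin token report, the Microsoft 365 service principal consent logs or a CASB export.

```python
"""Triage third-party OAuth grants by permission scope to surface AI tools
with broad access to corporate data.

Added example, not code from the original article. SAMPLE_GRANTS is a
constructed export resembling a Google Workspace token report; the field
layout is an assumption.
"""
from dataclasses import dataclass, field

# Coarse risk tiers for well-known Google API scopes. The scope URLs are real
# Google identifiers; the tier assignment is this example's judgement.
SCOPE_TIERS = {
    "openid": 0,
    "https://www.googleapis.com/auth/userinfo.email": 0,
    "https://www.googleapis.com/auth/userinfo.profile": 0,
    "https://www.googleapis.com/auth/drive.file": 1,      # only files the app created or the user opened with it
    "https://www.googleapis.com/auth/calendar.readonly": 1,
    "https://www.googleapis.com/auth/drive.readonly": 2,  # every file the user can read, including shared drives
    "https://www.googleapis.com/auth/gmail.readonly": 2,
    "https://www.googleapis.com/auth/drive": 3,           # read/write on all of the user's files
    "https://www.googleapis.com/auth/gmail.modify": 3,
}
# Unfamiliar scopes are not ignored: they get a "broad read" tier so a human triages them.
UNKNOWN_SCOPE_TIER = 2

TIER_LABEL = {0: "identity only", 1: "limited", 2: "broad read", 3: "broad read/write"}

# Constructed sample export: (app display name, user, granted scopes).
# The last scope of InboxCopilot is made up to exercise the unknown-scope path.
SAMPLE_GRANTS = [
    ("NoteSummarizer AI", "alice@example.com",
     ["openid", "https://www.googleapis.com/auth/userinfo.email",
      "https://www.googleapis.com/auth/drive"]),
    ("NoteSummarizer AI", "bob@example.com",
     ["openid", "https://www.googleapis.com/auth/drive"]),
    ("MeetingMind", "carol@example.com",
     ["https://www.googleapis.com/auth/calendar.readonly",
      "https://www.googleapis.com/auth/userinfo.email"]),
    ("InboxCopilot", "dave@example.com",
     ["https://www.googleapis.com/auth/gmail.readonly",
      "https://www.googleapis.com/auth/custom.scope.v1"]),
    ("Slide Builder", "alice@example.com",
     ["https://www.googleapis.com/auth/drive.file"]),
]


@dataclass
class AppSummary:
    name: str
    users: set = field(default_factory=set)
    scopes: set = field(default_factory=set)
    max_tier: int = 0
    unknown_scopes: set = field(default_factory=set)


def scope_tier(scope: str) -> int:
    return SCOPE_TIERS.get(scope, UNKNOWN_SCOPE_TIER)


def build_inventory(grants):
    """Fold per-user grants into one record per app: who uses it and what it can reach."""
    apps = {}
    for app_name, user, scopes in grants:
        summary = apps.setdefault(app_name, AppSummary(app_name))
        summary.users.add(user)
        for scope in scopes:
            summary.scopes.add(scope)
            summary.max_tier = max(summary.max_tier, scope_tier(scope))
            if scope not in SCOPE_TIERS:
                summary.unknown_scopes.add(scope)
    return apps


def rank_for_review(apps, min_tier=2):
    """Apps with broad data access first; ties broken by user count (blast radius)."""
    flagged = [a for a in apps.values() if a.max_tier >= min_tier]
    return sorted(flagged, key=lambda a: (-a.max_tier, -len(a.users), a.name))


def report(apps):
    """One review line per flagged app, highest risk first."""
    lines = []
    for a in rank_for_review(apps):
        line = f"{a.name}: {TIER_LABEL[a.max_tier]}, {len(a.users)} user(s)"
        if a.unknown_scopes:
            line += f", unreviewed scopes: {sorted(a.unknown_scopes)}"
        lines.append(line)
    return lines


if __name__ == "__main__":
    for line in report(build_inventory(SAMPLE_GRANTS)):
        print(line)
```

With the constructed data, NoteSummarizer AI lands at the top (full Drive read/write, two users), InboxCopilot follows with mailbox read plus a scope that needs manual review, and the two limited-scope apps are left off the review list. Treating unknown scopes as broad rather than harmless is deliberate: a scope the auditor has never seen is exactly the one that deserves a look.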
Second, companies should adopt a practical AI policy that guides employee behavior. Effective policies list approved tools and access points, define data classification rules that state which categories of data must not be entered into external AI services (such as customer records, source code and financial information), and require confirmation that approved tools have opted out of using company inputs for vendor model training. The policy should include a simple process for requesting new tools and plain-language explanations of the risks involved.
Third, create a faster approval path for low-risk tools so employees do not turn to unsanctioned alternatives. A structured intake form and documented evaluation criteria allow quicker decisions for many requests. Evaluation should cover data access scope, vendor security practices, training opt-out status, compliance certifications and whether a suitable approved alternative already exists. Publishing and keeping an up-to-date list of approved options gives employees a clear place to find safe tools.
Fourth, continuous monitoring should serve as a shared safety layer. Browser-native monitoring provides visibility into cloud-based AI activity without rerouting web traffic. Signals from that monitoring can feed into individual risk profiles alongside phishing test results and training records. Combining those signals helps identify employees whose behaviors compound risk, such as those who skip training, click phishing links and run unapproved tools with access to sensitive data.
Fifth, make secure behavior the easier choice for users. Short, contextual prompts delivered when an employee attempts to use an unsanctioned tool can explain the specific risk, suggest an approved alternative and take less than 30 seconds to read. Training that explains why OAuth approvals can expose entire shared drives helps employees apply judgment to new tools that appear after training programs are created.
Some companies that publish approved tool lists, speed low-risk approvals and pair monitoring with contextual prompts report declines in shadow AI use over time.