As generative AI models and AI agents move from the cloud to tools that can be used on edge devices, shadow AI is growing in enterprises.
Shadow AI refers to enterprise employees using unapproved AI tools to do their work, with the attendant risk of leaking data. It has long been a concern for enterprises, and many have responded by banning tools like ChatGPT for work tasks.
However, a recent study by AI governance and data protection vendor Harmonic Security found that banning tools does not stop enterprise employees from using their own personal AI tools at work. The vendor analyzed nearly 2 million classified AI session minutes and found that, across all major AI providers with a free tier, most activity on personal accounts is business-related, not personal. The research found that employees are using their own free ChatGPT, Gemini and Claude accounts to write work emails, summarize meeting notes and debug code.
In this Q&A, Michael Marriott, vice president of marketing at Harmonic, discusses how enterprises can combat shadow AI and how the steps they take can also help reduce token usage.
In what ways has shadow AI become so prominent within enterprises?
Michael Marriott: We all know, just from working with customers, that the approved tool you’re focusing on for token maxing is a small part of the overall enterprise use of AI.
It’s abundantly clear that the CEO’s view is that they’ve got an AI strategy they can force down on people, while the rest of the business has a completely different idea of what it is, and they’re just using whatever tools they want to do their jobs.
When we looked into the findings, it was quite astonishing that, when we look at personal account use, two-thirds of the use cases are work. That was mind-blowing. You expect people to bring their own free accounts, and you’ve got ChatGPT here. But people have some discernment about what should go into those. That’s not the case.
Organizations govern the enterprise versions, and that’s, like, not even half of the use; the rest of the use is all corporate anyway. There’s this huge black hole in usage. We don’t think anybody really knows what’s going on in there.
What are the dangers of enterprise employees using their own AI tools for work, and is there a way to rectify it?
Marriott: The research found that the worst defenders were the sales and marketing teams, who were using better tools to do their work. That gets interesting because the data that goes into it is sensitive. There are things like sales pipeline data on customer records that are sensitive to the business. If you’ve got no control over those who can cause compliance issues and you are exposing customer data, it’s also an absolute godsend. If you think, like, sales teams that are meant to keep sales pipeline data in the company, if they leave for a competitor, they take all that data with them.
And there’s no way that you can protect that data. That’s just like one example. If you think about it, you’ve got M&A information, you’ve got so much sensitive business data in there, that somebody walks away with it, it’s a competitive problem.
Where we are seeing people getting ahead of this is, almost, the teams that can have a bit of humble pie and say, look, I know we’ve got everybody Copilot licenses, but why don’t we actually ask the users what they want?
It sounds revolutionary, but it goes down so well that you can say ‘I’ve noticed you were using this tool. Can you tell me about why we’re using it?’ And then you can say, ‘What’s the difference here between what we’ve bought and why people want to use a different one, and should we get them a license?’ It’s all about being proactive and meeting the user where they’re at.
The broader market shift that we are focused on is looking at, instead of just the user and the tool, what they are trying to do, and what the action and the intent of that is.
Do enterprises run into the problem of too many AI tools if they ask what AI systems employees are using?
Marriott: There will be some license reconciliation or consolidation at some point. The other side of the coin is that you have all these enterprise licenses that people aren’t using, or they’re using them for work or non-work for personal use. You want to know about that and get rid of that license. Because a Copilot license costs $39 per user per month, it’s an astonishing amount of money. If they want to create a slide with AI, is there a better use of money than doing that?
By understanding use cases, you can save money, and you can start to free up money from licenses that are not being used. That’s an opportunity for people as well as a bit of a risk.
Does this mean that most enterprises will need to switch to a consumption-based pricing model and pay only for what they use from AI vendors?
Marriott: We’re sure that the Anthropics of the world are going to be more consumption-based, and that’s where they got all these token conversations. At the same time, you would want to know that people are using X number of tokens, and what are they using them for? Are they asking the top model whether they should go on vacation, or are they doing work that will help the business? I don’t even think that’s there now. It’s just a bit of being understanding of how they’re being used.
It’s a big issue. Part of that issue is you’ve got Anthropic and Claude Cowork, which doesn’t have very good audit traceability. A lot of teams that are deploying don’t really know what use they’re putting into it. It’s a wild time when people are using these tools at a breakneck pace, without really knowing what they’re putting into them or when they’re getting value from them.
How can there be more transparency and reduced shadow AI if enterprises are clear about why they use a particular tool?
Marriott: Yeah, education, literacy, and having that communication be a two-way street are important, instead of just mandating that everybody use this thing, which is driving people away. Acknowledge them, bring them in-house, find a way to meet their needs, and, genuinely, that’s where people win. That’s where the users are happy, and it’s better the devil you know if you’ve got the tools inside and some sort of control there, even if that does mean a bit of AI sprawl.
You’ve just got to live with the reality that it’s a crazy time in the market, and employees are going to flock to whichever tool they want to do their job the best, and you’ve got to deal with it, unfortunately.
Editor’s note: This Q&A has been edited for clarity and conciseness.