COMMENTARY: A study from Salesforce has found that 28% of workers now use generative AI at work, and over half without the formal approval of their employers.

As the popularity of AI tools continues to grow, organizations must have a plan to prevent the unsanctioned use of generative AI tools by employees. Ignoring the unique risks of these platforms presents a recipe for disaster that we simply cannot ignore.

Sensitive company data such as proprietary information, customer records, or trade secrets are often inadvertently uploaded to third-party AI platforms that use user inputs to train their models.

This can compromise confidentiality and lead to the leakage of proprietary data. For example, in 2023 Samsung Electronics banned the use of ChatGPT and other AI-powered chatbots after they discovered an accidental leak of sensitive internal source code by an engineer to the platform.

Despite these efforts, companies continue to deploy AI. Against this new backdrop, businesses must tackle the proliferation of AI head-on to ensure that only tools that are vetted, deployed, and managed under IT governance are permitted.

Promote security awareness training: 69% of workers in the Salesforce survey said they have never received or completed training around using generative AI. Without this awareness, employees are far more likely to use unsanctioned tools. Develop a workplace AI policy: Implement clear guidelines around the use of AI tools, including what types of information users can share. Adopt an enterprise version of an AI tool: Many AI tools offer an enterprise version that offer full control over how user input gets processed, ensuring that sensitive information isn’t used as training data. Deploy network monitoring: Scour the organization’s networks for shadow AI use to detect the use of these tools before sensitive information gets shared. Leverage tools that can restrict network access: Prevent access to unsanctioned AI tools with web filtering and data loss prevention (DLP) products.

Here are five ways teams can respond to the shadow AI challenge:

Ultimately employees will want to use these new AI tools for the vast information they offer and the significant productivity gains they stand to gain. By addressing shadow AI head-on businesses can ensure that only vetted and secure tools are used within their networks.

It’s not possible to stop all AI use. But companies can manage it more effectively and have a better shot at reaping the real productivity benefits AI has to offer.

