What Is Shadow AI? A Guide for Small Businesses

AI Governance

There is a meeting happening at your company right now that you do not know about. One of your employees has a deadline. They paste a customer list, a draft contract, an internal financial summary, or a chunk of source code into ChatGPT and ask it to clean it up, summarize it, or rewrite it for them. The output is good. They paste it into an email or a document and move on with their day. Nobody is fired. Nothing breaks. The work gets done.

That meeting is happening at almost every small business in America. The data that just left your network is not coming back, and depending on which AI tool they used and which settings were turned on, it may already be sitting in a vendor's training pipeline.

That is shadow AI. And after 20 years inside three different managed service providers, I can tell you it is the single fastest-growing risk we are seeing in small business right now.

What Is Shadow AI?

Shadow AI is the use of artificial intelligence tools by your employees without your IT or security team's approval, oversight, or visibility. The most common form is employees using ChatGPT, Claude, Gemini, Copilot, or any of the dozens of free AI tools out there for work tasks, on personal accounts, with no formal review of what data is being shared.

The "shadow" part is the same idea as shadow IT. Tools that nobody approved, nobody is monitoring, and nobody can see. The "AI" part is what makes it dangerous in a way shadow IT never was.

Why 95% of Small Businesses Have a Shadow AI Problem Right Now

The numbers are jarring. According to a recent study by Gusto, about 45% of U.S. workers have used AI at work without telling their employers. A separate analysis by DKBinnovative across 20 small business environments found ChatGPT in use across 95% of those environments. The average AI adoption rate among employees was 44%, with the highest single client at 77%. In one month, those environments uploaded 1,768 files, including PDFs, Word docs, and spreadsheets, into AI tools.

Cyberhaven's research found that 11% of all data employees paste into ChatGPT is confidential. A separate report flagged that generative AI tools now account for 32% of all unauthorized data movement out of corporate environments. Generative AI is, full stop, the leading channel for corporate-to-personal data leakage in 2026.

This did not happen because your team is reckless. It happened because the tools are free, easy, and genuinely useful. An employee with a Gmail account can be using ChatGPT in 30 seconds. There is no procurement process, no install request, no software review. They open a tab and start typing. By the time IT hears about it, that data is gone.

What Employees Are Actually Doing With Shadow AI

When we run an AI and business assessment for a new client, we always ask employees what they have used AI for in the last 30 days. The answers are remarkably consistent across industries. Here is what we typically find:

  • HR and people operations. Employees pasting full job descriptions, candidate resumes, and even compensation discussions into ChatGPT to help draft offer letters, performance reviews, or termination notices.
  • Finance and accounting. Bookkeepers and controllers pasting account ledgers, invoice summaries, or P&L statements into AI to "explain this trend" or "format this for the partners."
  • Sales and customer success. Account managers pasting customer call notes, pipeline data, and even full CRM exports into AI to draft follow-ups or summarize relationships.
  • Legal and contracts. Operations leads pasting sections of vendor contracts and NDAs into ChatGPT to ask "is this normal" or "rewrite this in plain English."
  • Code and product. Developers pasting source code, database schemas, and configuration files into AI to debug or refactor. This is exactly what triggered the most famous shadow AI incident on record.

The Samsung case is the one I bring up most often. In early 2023, Samsung engineers leaked confidential corporate data on at least three separate occasions by pasting proprietary information into ChatGPT, including semiconductor source code, internal meeting transcripts, and chip-defect test sequences. Samsung banned generative AI on company devices entirely a few weeks later. None of those engineers were trying to harm the company. They were just trying to do their jobs faster.

If it can happen at Samsung, it is happening at your business.

Where Does the Data Actually Go?

This is the question I get asked most when I bring this up with owners. Let me answer it plainly.

When an employee uses a free, consumer-grade AI tool like ChatGPT on a personal account, they are interacting with a vendor under that vendor's consumer terms. Depending on the platform and the user's settings, the prompts and outputs may be retained, used to improve the model, reviewed by human contractors for quality control, or stored indefinitely on infrastructure you have no contract with and no visibility into.

Even where vendors offer enterprise-grade alternatives with stronger data protections, those protections only kick in if the company has signed up for them. Personal accounts do not get those protections. If your bookkeeper used her Gmail to log into ChatGPT and paste a list of customer payment histories, that data is not covered by any agreement your business has with anyone.

The financial impact when this surfaces is significant. IBM's research found that data breaches involving shadow AI cost organizations an average of $670,000 more than breaches that did not, and they took on average 247 days to detect.

Why Generic AI Policies Fail

A lot of small businesses respond to shadow AI by writing a one-page "AI policy" that bans ChatGPT, sticking it in the employee handbook, and assuming the problem is solved. It is not. I have walked into clients three months after they did exactly that and found AI usage had not dropped at all. People just stopped mentioning it.

Generic AI policies fail for three reasons:

  • They ban the tool without giving an alternative. If ChatGPT is genuinely making someone's job easier, banning it without offering a sanctioned replacement just pushes the activity into the shadows.
  • They do not match how people actually work. A policy that says "do not paste confidential data into AI" is useless if the employee does not know what counts as confidential, or if the helpful AI behavior they are getting requires the confidential data as input.
  • They have no detection or enforcement. A policy without monitoring is a wish. If you cannot see what is happening, you cannot manage it.

A good AI policy is not a ban. It is a sanctioned-tool list, a clear data-classification rule, a training plan, and a detection mechanism, all working together.

The Five-Step Plan to Get Shadow AI Under Control

This is the playbook we run for clients who want to go from "we have no idea what is happening" to "we have a defensible AI program" in 60 days. None of it is exotic. All of it is high-leverage.

1. Survey Before You Police

Before you ban anything, ask. Send an anonymous survey to your team: which AI tools have you used for work in the last 90 days, and what did you use them for? Promise no consequences for honest answers. You will get the real picture. This single step is the single highest-value thing most owners can do this week.

2. Pick a Sanctioned AI Tool With an Enterprise Tier

Most businesses we work with land on Microsoft Copilot (because it is included in many Microsoft 365 plans) or ChatGPT Enterprise / Team. The key is picking a tool with a real data-protection agreement, where prompts are not used for training, and where you have admin visibility into what your team is doing. Then you license it for the people who need it. Removing the friction is the single most reliable way to kill shadow usage.

3. Write a Real AI Acceptable Use Policy

A real policy, not a one-liner. Three things it has to cover: (a) which tools are approved and for what tasks, (b) which categories of data must never be pasted into any AI, with examples, (c) the human review requirement before any AI-generated content goes to a customer or external party.

We hand clients a template that runs about three pages. If you want a copy, reach out and we will send it.

4. Add Detection at the Browser and Endpoint Layer

This is the part most generic guides skip because it requires actual technology. Modern endpoint protection platforms and cloud access security brokers can flag when an employee logs into an unsanctioned AI service or uploads files to one. Microsoft Defender, CrowdStrike, and a handful of dedicated AI-governance tools all have shadow AI detection built in now. If your current managed services setup does not include this, it is a 2026 gap that needs closing.

5. Train, Then Train Again

Most employees using shadow AI have no idea they are doing anything wrong. They are not malicious. They are uninformed. A 30-minute training session twice a year, with concrete examples of what is and is not safe to paste into AI, will move the needle more than any policy will. Tie the training to your existing security awareness program and it adds almost no overhead.
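As an added example of the detection layer in step 4 (this is not code from the post or from Cascade Data): a small Python script that scans web-proxy log lines for traffic to generative-AI services, ignores the tool sanctioned in step 2, and reports unsanctioned access and file uploads per user. The log format, the hostname list, the upload-size threshold and the sample lines are all constructed assumptions for illustration.

```python
import re
from collections import defaultdict
# Constructed sample of web-proxy log lines: timestamp user method host path bytes_sent.
# The layout is assumed for this example; real proxy or CASB exports use their own fields.
SAMPLE_LOG = """\
2026-03-02T09:14:11Z alice@acme.example POST chat.openai.com /backend-api/files 184320
2026-03-02T09:15:40Z alice@acme.example GET chat.openai.com /c/abc123 0
2026-03-02T09:20:02Z bob@acme.example POST copilot.microsoft.com /c/api/conversations 2210
2026-03-02T10:01:55Z carol@acme.example POST gemini.google.com /upload 912004
2026-03-02T10:05:13Z dave@acme.example GET www.example.com / 0
2026-03-02T11:30:00Z bob@acme.example POST claude.ai /api/upload 55210
"""

# Hostnames that identify a generative-AI service (assumed list; keep it current in practice).
AI_SERVICES = {"chat.openai.com": "ChatGPT", "claude.ai": "Claude",
               "gemini.google.com": "Gemini", "copilot.microsoft.com": "Copilot"}
# The tool licensed on an enterprise tier in step 2; traffic to it is not a finding.
SANCTIONED = {"copilot.microsoft.com"}
# A POST/PUT body at or above this size is treated as a file upload rather than a chat turn.
UPLOAD_BYTES = 10_000

LINE_RE = re.compile(r"^(\S+) (\S+) (GET|POST|PUT) (\S+) (\S+) (\d+)$")

def classify(line):
    """Return (user, tool, is_upload, bytes_sent) for unsanctioned AI traffic, else None."""
    m = LINE_RE.match(line)
    if not m:
        return None  # malformed line: skip it rather than abort the whole scan
    _ts, user, method, host, _path, sent = m.groups()
    tool = AI_SERVICES.get(host.lower())
    if tool is None or host.lower() in SANCTIONED:
        return None
    is_upload = method in ("POST", "PUT") and int(sent) >= UPLOAD_BYTES
    return user, tool, is_upload, int(sent)

def shadow_ai_report(log_text):
    """Per-user summary: unsanctioned tools seen, number of uploads, bytes uploaded."""
    report = defaultdict(lambda: {"tools": set(), "uploads": 0, "bytes": 0})
    for line in log_text.splitlines():
        hit = classify(line)
        if hit is None:
            continue
        user, tool, is_upload, sent = hit
        entry = report[user]
        entry["tools"].add(tool)
        if is_upload:
            entry["uploads"] += 1
            entry["bytes"] += sent
    return dict(report)
```

Calling shadow_ai_report(SAMPLE_LOG) flags alice and carol for uploads to ChatGPT and Gemini and bob for an upload to Claude, while bob's Copilot traffic and dave's ordinary browsing produce no finding.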

What This Has to Do With the Rest of Your IT

Shadow AI is not a standalone problem. It is the latest entry on a long list of risks that small businesses face when nobody is watching the network proactively. It connects directly to the same core gaps that show up in our ransomware and security assessments: no MFA, no endpoint detection, no clear data classification, no monitoring.

If you are still calling someone only when something breaks, you almost certainly do not have visibility into shadow AI. You probably do not have visibility into a lot of other things either. That is the signal we usually point to when we tell a business it is time to move from break-fix to managed services.

How Cascade Data Handles This

For our managed services clients, shadow AI detection is included in the base service. We monitor for unsanctioned AI tool usage, we help write the policy, we deliver the training, and we license a sanctioned alternative as part of the Microsoft 365 footprint we manage. There is no separate "AI governance" upsell, because in 2026, this is just security.

For businesses that are not ready for full managed services yet, we offer a fixed-fee AI and business assessment that includes a shadow AI scan as one of the deliverables. We tell you what tools your team is actually using, what data is going where, and what your top three risks are, with a 48-hour turnaround. No long-term contract, no upsell pressure.

The Bottom Line

Shadow AI is not a hypothetical risk. It is happening at your business right now, today, almost certainly, and the data that is already gone cannot be recalled. The good news is that the fix is straightforward, the cost is reasonable, and the longer you wait the more expensive every workaround becomes.

If you want to know what your team is actually doing with AI, and what to do about it, let's talk. Veteran-owned, based in Portland, Oregon, working with small businesses across the country.

Frequently Asked Questions

Is using ChatGPT at work illegal?
No. Using ChatGPT at work is not illegal in itself. The risks are about data exposure, contractual obligations to your customers, and regulatory frameworks like HIPAA or GDPR that may require you to control where certain data goes.

Will banning ChatGPT solve the problem?
No. A blanket ban with no sanctioned alternative pushes the activity underground. Studies show employees keep using AI even after a ban; they just stop telling anyone. Provide a sanctioned tool, then enforce.

How do I know if my employees are using shadow AI?
The fastest way is to ask them anonymously. Past that, modern endpoint detection and browser-based controls can flag unsanctioned AI usage. Most small businesses do not have these in place yet.

What is the single biggest data risk from shadow AI?
Pasted prompts being retained by the AI vendor and potentially used for model training. On free, consumer-grade tools, you generally have no contract preventing this.

Do I need a written AI policy if I only have ten employees?
Yes. Smaller teams have shadow AI at the same rates as larger ones, sometimes higher. A clear policy and a sanctioned tool are the same effort whether you have ten people or a hundred.

Sources & Further Reading

  • IBM: What Is Shadow AI? (definition, risks, and the $670K cost-difference figure)
  • Cyberhaven: 11% of data employees paste into ChatGPT is confidential (the original source of the pasted-data statistic)
  • Dark Reading: Samsung engineers leak data via ChatGPT (the foundational case study on shadow AI data leakage)
  • Palo Alto Networks: What Is Shadow AI? (detection patterns and security strategies)
  • CISA: Cyber Essentials for Small Businesses (the foundational security baseline that an AI program should build on)
  • SHRM: Generative AI Usage Policy Template (HR-side policy template, useful as a starting point)