What counts as shadow AI, and how is it different from shadow IT?

Shadow IT is any technology your employees use without IT's knowledge or approval u2014 cloud storage, messaging apps, unauthorized SaaS subscriptions. Shadow AI is the same concept applied specifically to artificial intelligence tools: AI writing assistants, AI-powered browser extensions, chatbots, code completion tools, or AI features embedded inside software you already sanction. The reason shadow AI gets its own category is the data risk profile. AI tools don't just store or transmit data the way a cloud drive does u2014 they often ingest it into training pipelines, route it through third-party AI sub-processors, or retain it in ways that aren't covered by the main vendor's privacy policy. That creates regulatory exposure that standard shadow IT controls weren't designed to catch.

Does the EU AI Act apply to my company if we're based in the US?

It can. The EU AI Act applies to providers and deployers of AI systems when the output is used inside the EU u2014 meaning if your company deploys an AI tool that affects EU residents (employees, customers, or users), you may have obligations regardless of where your company is headquartered. The exact scope depends on how your tools are classified under the Act's risk tiers and your specific role in the AI value chain. If you have EU customers or EU-based employees, it's worth getting a qualified legal opinion on your exposure rather than assuming the geographic distance protects you.

How do I find AI tools employees are using if I don't have an SSO or MDM solution?

Start with conversations, not technology. Department heads almost always know what tools their teams are using u2014 they just haven't been asked in a structured way. Beyond that, expense reports and company credit card statements are reliable discovery sources for subscription-based tools. Browser extension audits on managed devices will catch a significant share of AI tools that employees install without going through IT. DNS query logs, if you have them, can surface traffic to AI provider endpoints. None of these give you perfect coverage, but a combination of two or three will surface your material exposures faster than waiting until you have an enterprise-grade tool in place.

What's the difference between InfoDefenders' consulting engagements and the SaaS platform?

The SaaS platform u2014 the AI Incident Log, AI Risk Assessor, and AI Governance Manager u2014 is software your team runs on an ongoing basis to log incidents, evaluate AI tools, manage policies, and produce evidence of your governance posture. The consulting engagements are fixed-scope, fixed-fee projects: a bounded sprint where we work with you to assess your current state and build out your governance foundation. They're separate offerings. Some clients start with a consulting engagement to establish their baseline, then move to the platform to maintain it. Others start directly with the platform. The right entry point depends on how much structured support you need to get started.

Guide

Shadow AI: find and govern tools your team already uses

Your employees are already using AI tools you didn't approve, and most IT managers find out about it the wrong way. This page gives you a method to get ahead of it.

The problem

Shadow AI is what happens when your organization's AI adoption outpaces your oversight. An employee signs up for an AI writing tool using their work email. A developer starts piping support tickets into a third-party summarization API. A finance analyst uses a browser-based AI assistant to draft client-facing reports. None of these were reviewed. None of them appear in your vendor register. And depending on what data touched those tools, you may have a breach disclosure problem, an EU AI Act exposure, or both — and you won't find out until something goes wrong.

This isn't a culture problem or a discipline problem. It's a structural one. AI tools are cheap, frictionless, and genuinely useful. Employees reach for them the same way they reached for unsanctioned cloud storage a decade ago, because the sanctioned options are slower or don't exist yet. The difference now is that AI tools ingest data — often sensitive data — and the regulatory environment around that data is no longer theoretical. The EU AI Act is in force. State-level AI bills are moving. If you have customers or operations in the EU, the compliance clock is already ticking.

For IT managers at companies without a dedicated compliance team, the challenge isn't understanding why shadow AI matters. It's knowing where to start.

What good enough looks like

You don't need an enterprise GRC platform to get shadow AI under control. You need three things: visibility into what tools are actually in use, a documented basis for deciding which ones are acceptable, and a process for handling the ones that aren't.

Visibility doesn't mean a perfect, real-time inventory on day one. It means you've done enough discovery to know your highest-risk exposures — the tools handling customer data, financial records, HR information, or anything that's regulated under a framework you're already subject to. A spreadsheet that captures tool name, business owner, data types touched, and vendor AI sub-processors is more useful than a theoretical asset management policy that nobody maintains.

A documented basis for decisions means your team knows what criteria you're applying. Is the vendor's AI trained on your data? Does the tool's privacy policy allow data retention for model improvement? Is there a data processing agreement in place? These aren't hypothetical questions — they're the ones your legal team or an external auditor will ask when something goes sideways. Having a written rationale, even a brief one, is what separates a defensible decision from a liability.

A process for non-compliant tools doesn't have to be punitive. It should be a clear path: flag it, assess it, either bring it into a sanctioned program or off-ramp it with a documented reason. The goal is that no tool sits in legal limbo indefinitely.

None of this requires six months of project planning. Most organizations can get from zero to a working baseline in a few focused weeks.

A practical method

What follows is a starting framework. The linked Insights posts below go deeper on specific steps — don't try to do all of this from this page alone.

Run a discovery pass before you build any policy. Talk to department heads in the functions most likely to be early AI adopters: marketing, sales, customer support, finance, and any team with developers. Ask a simple, non-threatening question: "What AI tools is your team using to get work done?" You'll surface more than you expect. Cross-reference what you hear against your SSO logs, expense reports, and browser extension policies if you have them. For a structured approach to this step, see our guide on how to build an AI tool inventory without enterprise software.

Categorize by data exposure, not by tool type. Not every shadow AI tool is equal risk. A team using an AI grammar checker on internal memos is a different conversation than a team pasting customer PII into a general-purpose chatbot. Sort what you find into tiers based on the sensitivity of data the tool touches, and prioritize your review accordingly. The tier that warrants immediate attention is any tool handling data that's regulated, contractually restricted, or subject to a data residency requirement.

Map vendor AI sub-processors for your highest-risk tools. This is the step most IT managers skip, and it's where the real exposure lives. When an employee uses a SaaS tool that has AI features, that tool often routes your data through a third-party AI provider — OpenAI, Anthropic, Google, or others. That third party is a sub-processor under GDPR. Check the vendor's privacy policy and data processing agreement for sub-processor disclosures. If you can't find them, ask. If the vendor won't answer, that's a decision point.

Build your approved list from what survives the review. Rather than maintaining a blocklist you'll never fully enforce, build a short approved list of tools that have been reviewed and accepted. Make it easy to find and easy to add to. When an employee wants to use something new, the process should be: submit it, get it reviewed against your criteria, get a decision. That process doesn't need to take more than a week for most tools.

Document what you find and what you decided. This is where most informal shadow AI programs fall apart. The discovery conversation happens, a few tools get flagged, and nothing gets written down. Six months later, nobody remembers what was approved or why. Decisions need to live somewhere — a shared folder, a GRC platform, a governed spreadsheet. The format matters less than the consistency.

For a closer look at the specific tools employees commonly reach for before IT gets involved, the post on the AI tools your employees are already using covers the patterns we see most often.

Do this week: Ask one department head the discovery question from step one. Write down what they tell you. You'll have more information about your shadow AI exposure after that one conversation than most companies collect in a quarter.

Getting systematic about it

The method above gets you to a defensible baseline. Staying there is a different problem. Tools change. Employees find new ones. Vendors quietly update their AI features and sub-processor lists. What starts as a one-time audit has to become an ongoing process — someone owns it, it runs on a schedule, and findings get logged somewhere that produces an audit trail.

For organizations that have done the initial discovery work and are ready to move from a spreadsheet to a structured workflow, InfoDefenders' AI Risk Assessor gives you a consistent evaluation framework for each tool you're vetting, with evidence you can export when a customer, auditor, or regulator asks how you're managing AI vendor risk. It's built for IT managers who own this problem without a compliance team behind them.

If you're not sure where your organization sits right now, our pricing page lays out the options by maturity stage — including a starter tier that's just the incident log if you're still in early discovery mode. When you're ready to start, you can create an account and be working in the platform the same day.

Sources

EU AI Act — Official Journal of the European Union

InfoDefenders

Discover shadow AI before it becomes an incident

InfoDefenders Tool Discovery and the AI tool register give IT teams a living inventory — approval status, owners, and outstanding assessments in one place.

Start your free 30-day trial See pricing

InfoDefenders AI tool register showing approved tools and risk levels

FAQ

Common questions

What counts as shadow AI, and how is it different from shadow IT?: Shadow IT is any technology your employees use without IT's knowledge or approval u2014 cloud storage, messaging apps, unauthorized SaaS subscriptions. Shadow AI is the same concept applied specifically to artificial intelligence tools: AI writing assistants, AI-powered browser extensions, chatbots, code completion tools, or AI features embedded inside software you already sanction. The reason shadow AI gets its own category is the data risk profile. AI tools don't just store or transmit data the way a cloud drive does u2014 they often ingest it into training pipelines, route it through third-party AI sub-processors, or retain it in ways that aren't covered by the main vendor's privacy policy. That creates regulatory exposure that standard shadow IT controls weren't designed to catch.
Does the EU AI Act apply to my company if we're based in the US?: It can. The EU AI Act applies to providers and deployers of AI systems when the output is used inside the EU u2014 meaning if your company deploys an AI tool that affects EU residents (employees, customers, or users), you may have obligations regardless of where your company is headquartered. The exact scope depends on how your tools are classified under the Act's risk tiers and your specific role in the AI value chain. If you have EU customers or EU-based employees, it's worth getting a qualified legal opinion on your exposure rather than assuming the geographic distance protects you.
How do I find AI tools employees are using if I don't have an SSO or MDM solution?: Start with conversations, not technology. Department heads almost always know what tools their teams are using u2014 they just haven't been asked in a structured way. Beyond that, expense reports and company credit card statements are reliable discovery sources for subscription-based tools. Browser extension audits on managed devices will catch a significant share of AI tools that employees install without going through IT. DNS query logs, if you have them, can surface traffic to AI provider endpoints. None of these give you perfect coverage, but a combination of two or three will surface your material exposures faster than waiting until you have an enterprise-grade tool in place.
What's the difference between InfoDefenders' consulting engagements and the SaaS platform?: The SaaS platform u2014 the AI Incident Log, AI Risk Assessor, and AI Governance Manager u2014 is software your team runs on an ongoing basis to log incidents, evaluate AI tools, manage policies, and produce evidence of your governance posture. The consulting engagements are fixed-scope, fixed-fee projects: a bounded sprint where we work with you to assess your current state and build out your governance foundation. They're separate offerings. Some clients start with a consulting engagement to establish their baseline, then move to the platform to maintain it. Others start directly with the platform. The right entry point depends on how much structured support you need to get started.

Ready to govern AI with evidence?

Start a 30-day free trial — no credit card required.

Start your free trial See pricing