As organisations adopt AI tools and agents at scale, they need a secure foundation for governed use. Without it, unsanctioned (shadow) AI creates blind spots around business data, identity and control. And that presents a significant risk to data, systems, and organisational IP.
Shadow AI is what happens when AI adoption moves faster than organisational visibility. Prompts, documents and copied text can move into unapproved services before teams know which tools are in use, what data has been shared or how that information may be reused.
That makes the risk harder to contain than traditional Shadow IT. AI tools and agents can interpret business context, combine information, generate new outputs and act across connected systems using the data and access they are given.
Organisations need to build a secure AI foundation that gives them visibility of AI use, control over sensitive data and governance for agents before informal adoption becomes embedded risk.
Risk grows when sensitive data leaves your sight
We know that people are embracing and experimenting with AI in enormous volumes. And who can blame them. The tools are everywhere, the benefits are obvious and most users are exploring how these new tools can make their lives easier at work (and probably at home too).
The issue and accompanying risk arises if this usage is going unseen within the organisation. Or to put it another way, if sensitive information is moving into environments your organisation doesn’t control. Client proposals, strategy material and legal documents all become harder to protect once they are copied into an unapproved service.
And to put this risk into context, Tech Radar recently reported as many as two-thirds of workers admit to using AI tools not officially approved by their employers.
To tackle this, governance needs to get specific. Know where your sensitive data lives, classify it properly and apply controls that stop the data leaving unnecessarily. Organisations should also guide users towards approved AI tools like Microsoft Copilot, where enterprise-grade data protection is in place and inputs are not used to train foundation models.
AI agents are identities and need to be governed accordingly
This becomes even more crucial with the rise of Agentic AI.
Now we’re seeing agents being granted access to systems, repositories and workflows.
With such potentially unfiltered access, added to increasing capabilities to take autonomous action, we have to start treating these agents as powerful identities, much as we do with human users. We need to ensure they have a named owner, defined purpose, least-privilege access, approval records, access reviews and audit trails.
People need a safer route that works for them
Whenever new risks materialise, there’s the immediate temptation to bring in a blanket ban or blockage. But in truth, such actions rarely address the reasons people turned to those tools in the first place.
Employees use AI because it helps them move faster, remove friction and get to a better first draft, answer or analysis. If sanctioned services are slow to access, poorly configured or less useful than consumer alternatives, workarounds will continue. The better answer is to give people a trusted route to the benefit: approved AI tools, clear guidance, sensible guardrails and a fast way to assess new use cases.
Good governance should help people use AI safely while avoiding a choice between productivity and policy.
Education has to sit alongside the controls. People need to understand why certain data cannot be used in certain tools. That includes the board, technical teams and everyday users, because Shadow AI is an enterprise behaviour rather than a niche security issue.
Your Microsoft estate may already give you a strong starting point
For Microsoft-led organisations, the starting point is often stronger than it first appears. Microsoft is increasingly connecting AI adoption, agent governance, data protection and identity security across its platform, with the same priorities reflected in product evolution and new licensing models.
Tools across Microsoft Purview, Microsoft Defender and Microsoft Entra, for instance, can support the core work. Working in unity within your estate they enable an understanding of where sensitive data sits, identifying risky or unsanctioned app use, applying access controls and giving security teams a clearer view of how users, applications and agents interact with information.
And, of course, the identity layer should sit at the centre of that approach.
As AI agents become part of business workflows, organisations need to know who owns them, what purpose they serve, what they can access and how that access is reviewed over time. This is where new tools like Microsoft Agent 365 bring increasing value and governance because agents need inventory, ownership, lifecycle management and security oversight as they become a new class of identity in the enterprise.
Bring Shadow AI into the open
Shadow AI is already part of how work gets done. Managing it requires a deliberate response: find what is already happening, protect the data that matters, give users a safer path and govern agents with the same seriousness as any other identity with access.
For Microsoft-led organisations, this is also a chance to get more value from the security, identity and data protection capabilities already available in the platform. Better visibility, clearer ownership and practical controls can turn unsanctioned AI use into safer, more deliberate adoption.
Kocho helps organisations assess AI risk exposure, improve visibility across AI tools and agents, and apply the governance and security controls needed for confident adoption.
If you need to understand what is already in use, where the risk sits and which controls to prioritise, we’d love to hear from you.
Your Shadow AI questions answered
-
Shadow AI is the use of AI tools, applications or agents without the formal knowledge, approval or oversight of an organisation’s IT, security or governance teams. It often begins with employees looking for faster or more effective ways to work, but it creates risk when business data enters tools that the organisation cannot properly assess, monitor or control.
-
Shadow AI is already widespread across many organisations. Employees are increasingly adopting AI tools to draft content, analyse information, automate tasks and improve productivity, often before formal governance frameworks have caught up. As AI becomes easier to access, many organisations are discovering that AI adoption is happening faster than expected and often outside approved channels.
-
The biggest risk is losing visibility and control over sensitive information. When employees use unapproved AI tools, organisations may not know what data is being shared, where it is stored or how it is being used. Shadow AI can create security, compliance, governance and reputational risks, particularly when it involves customer data, commercially sensitive information or regulated workloads.
-
Most employees are not trying to bypass policy. They are trying to solve problems, reduce manual effort and work more efficiently. AI tools can help people draft documents, summarise information, generate ideas and automate repetitive tasks. When approved alternatives are unavailable, difficult to access or less capable than consumer options, users often seek out their own solutions.
-
For most organisations, banning AI tools entirely is unlikely to solve the underlying problem. Employees will continue looking for ways to work more efficiently. A more effective approach is to provide approved AI services, clear guidance and governance controls that allow people to benefit from AI while keeping sensitive information protected. Good governance should enable safe adoption without unnecessary restriction.
-
The most exposed information typically includes client data, legal documents, financial information, business strategy, employee records, source code and confidential commercial material. Any information that would normally be protected by security, compliance or governance controls should be considered sensitive when interacting with AI tools. Organisations should understand where this data resides and apply controls that prevent it being shared inappropriately.
-
The first step is gaining visibility. Organisations need to understand which AI tools and agents are being used, who is using them, what systems they connect to and whether they interact with sensitive data. Discovery provides the foundation for governance, enabling organisations to identify risks, prioritise controls and support AI adoption from a position of understanding rather than assumption.
-
AI agents should be treated as identities with access, permissions and accountability. Organisations should know who owns each agent, what purpose it serves, what systems it can access and what actions it is allowed to perform. Good governance includes defined ownership, least-privilege access, approval processes, regular reviews and auditability. These controls help ensure that autonomous systems remain transparent, manageable and aligned with business objectives.
-
Good AI governance combines people, process and technology. It provides visibility into how AI is being used, protects sensitive information, establishes clear accountability and enables innovation within defined boundaries. Effective governance should help organisations adopt AI with confidence by balancing business value, risk management, security and compliance requirements.
-
Assessing Shadow AI exposure starts with understanding what is already happening. Organisations need visibility into which AI tools and agents are being used, who is using them, what systems they connect to, and whether they interact with sensitive data. From there, organisations can evaluate governance gaps, data protection risks, access permissions and compliance considerations. The goal is to establish a clear baseline before deciding which controls, policies or technologies need to be prioritised.
-
Yes, Microsoft Purview helps organisations understand where sensitive data exists, classify it appropriately and apply protection controls such as information protection, data loss prevention and compliance policies. These capabilities can reduce the likelihood of sensitive information being shared with unapproved AI services while improving visibility and governance over how data is used.
-
As AI agents gain access to systems, applications and workflows, they should be governed in the same way as any other identity with privileged access. Organisations need to know who owns each agent, what business purpose it serves, what systems it can access and what actions it can take. Identity governance provides the framework for managing agent lifecycle, access approvals, access reviews, accountability and auditability. This helps ensure AI agents remain controlled, transparent and aligned with organisational policy as adoption scales.
Microsoft Entra e-Guide
Move beyond legacy identity with Microsoft Entra
Discover how to:
- Migrate identity services without disrupting business operations
- Simplify provisioning with HR‑driven, API‑based workflows
- Replace fragile on‑premises components with resilient cloud controls
- Strengthen access decisions using Conditional Access
- Reduce long‑term technical debt and identity risk
Don't Miss
Great identity governance resources
Become Greater
Keep one step ahead of the cyber attackers
Sign up to the Kocho newsletter to get exclusive news, the latest threat reports, Microsoft tech updates, and expert analysis from our cybersecurity specialists.
Plus invites to webinars and industry events.