• You fix it by making the secure option just as fast and frictionl

    From TechnologyDaily@1337:1/100 to All on Saturday, July 04, 2026 09:15:24
    You fix it by making the secure option just as fast and frictionless as the risky one: Practical advice on addressing shadow AI

    Date:
    Sat, 04 Jul 2026 08:00:00 +0000

    Description:
    Workers clearly have an appetite for AI but personal accounts are still being used approved tools need to be easy to reach and use.

    FULL STORY ======================================================================Copy link Facebook X Whatsapp Reddit Pinterest Flipboard Threads Email Share this article 0 Join the conversation Follow us Add us as a preferred source on Google Newsletter Subscribe to our newsletter AIs timeline is very much still being written, but one thing is clear companies are now in the midst of shifting from experimentation to widespread implementation after having determined strong use cases, with security and trust now becoming higher priorities.

    The question is no longer about whether employees are willing to embrace AI, because that much is clear. Its now about whether their employers know how AI tools are actually being used, whether theyre providing the right type of solutions, and whether their governance supports real-world use cases. Off
    the back of that, companies are now struggling to tame shadow AI as workers
    go off to explore their preferred tools, rather than being confined to workplace-provided alternatives. But while organizations have years of experience handling shadow IT, shadow AI is presenting new challenges. Latest Videos From Watch full video here: Shadow AI is harder to tame than Shadow IT
    gaining visibility is the first step Rather than being blocked from downloading certain software, workers can almost painlessly head to their chosen AI tool directly from the browser or via a personal account without approval or restrictions. As much as two-thirds (67%) of enterprise AI use
    now takes place through unmanaged personal accounts, even when an
    organization already provides enterprise-grade licenses.

    But those sanctioned AI tools are clearly working for employees, who are seeing higher productivity. At the end of the day, this is a major win for companies who are under pressure to prove ROI, but shadow AI presents
    security risks that enterprise-grade software generally negates. You may like Shadow AI a step too far, or an opportunity? What is Shadow AI, and why should your business be concerned about it? Shadow AI and agents like
    OpenClaw are hijacking corporate data too easily

    Teramind has revealed that 86% of organizations lack visibility into how data moves to and from AI tools, and its not just knowledge workers who are to blame. Nearly seven in 10 C-suite execs also admitted to prioritizing speed over security.

    I spoke with Teramind VP of Strategy Leeron Walter to understand why shadow
    AI has become more of an issue than we mightve thought, and what
    organizations can realistically do to regain visibility and control while continuing to meet workers where they feel most comfortable and productive. Are you a pro? Subscribe to our newsletter Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed! Contact me with news and offers from other Future brands Receive email from us on behalf of our trusted partners or sponsors By submitting your information you agree to the Terms & Conditions and Privacy Policy and are aged 16 or over. How do you define shadow AI, and why does it happen inside approved tools? Shadow AI is any AI usage that operates outside organizational visibility and governance - whether through banned apps, personal accounts, or AI features embedded in tools you already pay for.

    The reason it's hiding inside approved platforms is simple: vendors are
    racing to embed AI into everything. Your licensed Microsoft 365, your PDF reader, your CRM - they all have AI features now.

    Our research shows 67% of enterprise AI usage runs through unmanaged personal accounts on corporate-licensed platforms. The perimeter didn't move. It dissolved. What to read next Many firms don't know what their workers are sharing with AI tools Secure AI will be defined by emulated human behavior More and more businesses are struggling to deal with 'uncontrolled' AI Do executives actually follow the AI policies they sign off on? Not always. Our data is unambiguous: 69% of C-suite leaders prioritize speed over security when using AI tools, versus just 37% of frontline employees.

    Executives feel competitive pressure more acutely, so they rationalize bypassing policies. What goes through an employee's head when they choose productivity over compliance - and can companies change that? They're doing a fast cost-benefit calculation: "Missing this deadline hurts me now. A data breach is someone else's problem later." 60% of employees in our research
    said productivity benefits outweigh security risks when deadlines are involved.

    You don't fix that with more restrictions - 48% said they'd use AI even if it were explicitly banned. You fix it by making the secure option just as fast and frictionless as the risky one. Remove the tradeoff entirely. Is Gen Z really more likely to work around AI rules? Yes, but not because they're reckless - because they're impatient with policies that feel arbitrary. For them, AI is a basic utility, like a search engine.

    Blocking it doesn't register as a security measure; it registers as the company being behind. Meet them with speed and enablement, not bureaucracy. Why do traditional DLP tools miss AI traffic? Because they were built to
    catch files moving, not ideas being processed. Shadow IT was about unauthorized storage - a file uploaded to Dropbox.

    Shadow AI is about unauthorized processing - sensitive data pasted into a
    chat prompt. There's no file transfer to intercept. The data moves through an encrypted browser session, and legacy DLP tools are pattern-matching against file types and network transfers, not semantic content in a chat box.

    The threat model changed; the tools didn't. What does the first 90 days of gaining AI visibility actually look like? Days 130: Observe, don't block. Deploy behavioral telemetry to build a full Shadow AI inventory - browser extensions, clipboard activity, personal account usage inside approved platforms. Understand what's actually happening before you touch anything.

    Days 3160: Categorize risk. Which tools train on user data? Which departments depend on them? This is when you find out Engineering lives in an unvetted coding assistant.

    Days 6190: Enable and enforce. Roll out approved alternatives for high-risk tools. Implement real-time coaching - block the risky action, surface the
    safe alternative immediately. Goal: not zero AI usage, but 100% visible AI usage. What does an enablement-first AI approach actually look like - and how do you stop it becoming shadow AI with extra paperwork? You build paved
    roads. Give employees a fast, secure, approved AI path so they don't need to go off-road. That means enterprise AI tools with zero-retention data
    policies, integrated into existing workflows - not buried in a separate portal.

    To avoid it becoming theater, your AI tool approval process needs to be
    agile. If the review takes six months, employees use the consumer version today and say nothing. Govern the data, not the application - allow the tool, but monitor and control what data flows through it in real time. Follow TechRadar on Google News and add us as a preferred source to get our expert news, reviews, and opinion in your feeds.



    ======================================================================
    Link to news story: https://www.techradar.com/pro/you-fix-it-by-making-the-secure-option-just-as-f ast-and-frictionless-as-the-risky-one-practical-advice-on-addressing-shadow-ai


    --- Mystic BBS v1.12 A49 (Linux/64)
    * Origin: tqwNet Technology News (1337:1/100)