Why Employees Use Unapproved AI Tools and How to Bring It Under Control

Katarina Hoffmann


[The rise of powerful, accessible AI tools has created a security blind spot known as shadow AI. This post explains how to regain control by extending AI governance to the endpoint with solutions like Bifrost and Bifrost Edge.]

The use of unapproved AI tools in the workplace, often called "shadow AI," has become a significant challenge for security and compliance teams. While IT departments work to deploy governed, secure AI platforms, employees frequently turn to public tools like ChatGPT, Claude, and various coding assistants for their daily tasks. A 2023 report by Cisco noted that while 80% of organizations have policies against using unapproved AI, many employees use such tools anyway, introducing risks of data leaks, compliance violations, and intellectual property loss.

This behavior is not driven by malicious intent but by a desire for efficiency. Employees adopt tools that help them work faster, and the friction of official channels can seem like a barrier. The solution is not to block all AI, but to implement a governance strategy that meets users where they are. Modern AI infrastructure, including tools like Bifrost, an open-source AI gateway from Maxim AI, can provide centralized control, but that control is incomplete if it doesn't reach the endpoint where these unapproved tools are used.

What is Shadow AI?

Shadow AI refers to any AI application or service used by employees without the organization's explicit approval or oversight. This includes using personal accounts for large language models (LLMs), installing desktop AI clients, or integrating ungoverned coding agents into an IDE. Much like "shadow IT" of the past decade, where employees used personal cloud storage or messaging apps for work, shadow AI arises from the gap between user needs and officially sanctioned tools.

The core problem is a lack of visibility and control. When an employee pastes sensitive internal data into a public web-based chatbot, the organization has no record of the event, no way to enforce its data protection policies, and no control over how that data might be used by the third-party service provider. According to a 2024 report from KPMG, 77% of executives are concerned about the security risks posed by generative AI.

The Risks of Ungoverned AI Usage

The use of unapproved AI tools introduces several categories of risk that can have serious consequences for an organization.

Key Risk Categories:

  • Data Exfiltration and IP Loss: Employees may inadvertently paste proprietary source code, customer data, financial reports, or strategic plans into public LLMs. This can lead to the organization's intellectual property being used to train third-party models or being exposed through a breach of the AI service itself.
  • Compliance Violations: For industries governed by regulations like HIPAA, GDPR, or SOC 2, using non-compliant AI tools to process sensitive data can result in severe penalties. Audit logs are a common requirement, and shadow AI usage leaves no trace.
  • Security Vulnerabilities: Many free AI tools and browser extensions have questionable security practices. They may lack robust access controls, operate with overly permissive data policies, or become vectors for malware.
  • Lack of Oversight: Without a central point of control, organizations cannot manage costs, enforce consistent behavior through guardrails, or monitor for appropriate use. There is no way to apply consistent role-based access control (RBAC) or budget limits.
  • Inaccurate or Hallucinated Outputs: Public models can produce incorrect information. When employees rely on these outputs for decision-making without proper verification, it can lead to poor business outcomes.

Why a Gateway Alone Is Not Enough

An AI gateway is a critical component of modern AI governance. It centralizes traffic, enforces access policies using virtual keys, manages costs, and provides observability. However, a gateway only governs the traffic that is explicitly configured to pass through it. It cannot control an employee who opens a browser and navigates directly to a public AI tool or installs a desktop AI application.

This creates a fundamental gap in enterprise AI strategy. Even with a robust gateway like Bifrost in place, the "last mile" to the user's machine remains unprotected. To solve the shadow AI problem, governance must be extended from the central infrastructure to the endpoint.
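
The gap described above can be measured from egress logs before any endpoint agent is deployed. The following is an added example, not code from Bifrost or from this post; the gateway hostname, the provider domain list, and the log layout are assumptions, and the log lines are constructed.

```python
from collections import defaultdict

# Assumptions, not from the article: the gateway hostname, the provider domain
# list, and a "timestamp user src_host dest_host bytes_out" log layout.
GATEWAY_HOST = "ai-gateway.corp.example"
AI_PROVIDER_DOMAINS = {"openai.com", "chatgpt.com", "anthropic.com", "claude.ai"}

# Constructed sample lines from an egress proxy.
SAMPLE_LOG = """\
2024-05-01T09:00:01Z alice lt-0142 ai-gateway.corp.example 2048
2024-05-01T09:00:07Z bob lt-0377 chatgpt.com 51200
2024-05-01T09:01:12Z bob lt-0377 api.openai.com 1024
2024-05-01T09:02:30Z svc-gw ai-gateway.corp.example api.openai.com 4096
2024-05-01T09:03:44Z carol lt-0290 claude.ai 8192
malformed line
"""

def is_ai_provider(host):
    """True if host equals, or is a subdomain of, a listed provider domain."""
    host = host.lower().rstrip(".")
    return any(host == d or host.endswith("." + d) for d in AI_PROVIDER_DOMAINS)

def classify(line):
    """Parse one log line; return None for lines that do not fit the layout."""
    parts = line.split()
    if len(parts) != 5 or not parts[4].isdigit():
        return None
    _ts, user, src, dest, nbytes = parts
    if dest.lower() == GATEWAY_HOST:
        verdict = "governed"      # endpoint talked to the gateway
    elif is_ai_provider(dest) and src.lower() != GATEWAY_HOST:
        verdict = "ungoverned"    # endpoint went straight to a provider
    else:
        verdict = "ignore"        # gateway's own upstream call, or non-AI traffic
    return user, src, dest, int(nbytes), verdict

def ungoverned_summary(log_text):
    """Aggregate direct-to-provider traffic per (user, source host)."""
    totals = defaultdict(lambda: {"bytes_out": 0, "destinations": set()})
    for line in log_text.splitlines():
        rec = classify(line)
        if rec and rec[4] == "ungoverned":
            user, src, dest, nbytes, _ = rec
            totals[(user, src)]["bytes_out"] += nbytes
            totals[(user, src)]["destinations"].add(dest)
    return dict(totals)

if __name__ == "__main__":
    for (user, src), info in ungoverned_summary(SAMPLE_LOG).items():
        print(user, src, info["bytes_out"], sorted(info["destinations"]))
```

Matching on the domain boundary (`"." + d`) keeps look-alike hosts such as `notopenai.com` out of the results, and excluding the gateway as a source avoids flagging its legitimate upstream calls.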

The Solution: AI Gateway + Endpoint Governance

A complete solution to shadow AI combines a central AI gateway as the policy and control plane with an endpoint agent that enforces those policies on every employee's machine. This "AI Gateway + Bifrost Edge" model provides comprehensive visibility and control without hindering productivity.

The Bifrost AI gateway serves as the brain of the operation. Here, administrators define all governance policies:

  • Virtual Keys and Access Profiles: Define which users, teams, or projects can access which models, with specific budgets and rate limits.
  • Guardrails: Configure rules to detect and redact sensitive data like secrets or PII before it leaves the corporate network using native secrets detection or integrations with services like AWS Bedrock Guardrails.
  • Audit Logs: Maintain a complete, immutable record of all AI interactions for compliance and security reviews.
  • Routing and Failover: Set up automatic fallbacks and load balancing to ensure reliability.
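
To make the guardrail and audit-log items concrete, here is an added sketch of redaction before a prompt is forwarded. It is not Bifrost's implementation or rule set; the detector patterns, function names, and record fields are assumptions, and the sample prompt is constructed.

```python
import re

# Assumed detector patterns for illustration; a production rule set is broader.
# Order matters: multi-line key blocks are removed before narrower patterns run.
DETECTORS = [
    ("PRIVATE_KEY", re.compile(
        r"-----BEGIN [A-Z ]*PRIVATE KEY-----.*?-----END [A-Z ]*PRIVATE KEY-----",
        re.S)),
    ("AWS_ACCESS_KEY_ID", re.compile(r"\b(?:AKIA|ASIA)[0-9A-Z]{16}\b")),
    ("EMAIL", re.compile(r"\b[\w.+-]+@[\w-]+(?:\.[\w-]+)+\b")),
]

def redact(prompt):
    """Return (redacted_prompt, findings); findings never hold the raw value."""
    findings = []
    for label, pattern in DETECTORS:
        def _sub(match, label=label):
            # Record only the type and length so the audit trail
            # does not turn into a second copy of the secret.
            findings.append({"type": label, "length": len(match.group())})
            return f"[REDACTED:{label}]"
        prompt = pattern.sub(_sub, prompt)
    return prompt, findings

def audit_record(user, app, prompt):
    """Build the entry a gateway could log alongside the forwarded request."""
    redacted, findings = redact(prompt)
    return {
        "user": user,
        "app": app,
        "action": "redacted" if findings else "allowed",
        "findings": findings,
        "forwarded_prompt": redacted,
    }

# Constructed prompt; the key is the example access key ID used in AWS docs.
SAMPLE_PROMPT = ("Why does boto3 fail with key AKIAIOSFODNN7EXAMPLE "
                 "for jane.doe@corp.example?")

if __name__ == "__main__":
    print(audit_record("bob", "chat-client", SAMPLE_PROMPT))
```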

Bifrost Edge is the agent that extends these policies to every laptop and desktop. It runs on macOS, Windows, and Linux and transparently routes all AI traffic from supported applications through the organization's central Bifrost instance.

How Endpoint Governance Works

  1. Discovery and Inventory: Bifrost Edge automatically detects all AI applications and Model Context Protocol (MCP) servers in use across the entire fleet of devices. This provides administrators with their first complete inventory of shadow AI usage.
  2. Centralized App Management: From a central dashboard, administrators can review the discovered applications and explicitly approve or deny them. A denied application is blocked on the endpoint, preventing its use.
  3. Transparent Routing: For approved apps, Edge routes their traffic through the Bifrost gateway. This is done without requiring any changes to the user's workflow or application configuration. The user continues to use their preferred tool, but all interactions are now fully governed.
  4. Fleet-wide Deployment: Edge is designed for enterprise environments and can be deployed silently to thousands of machines using MDM solutions like Jamf, Microsoft Intune, or Kandji.

This combined approach closes the shadow AI gap. It allows employees to use powerful tools like Claude Desktop or ChatGPT while ensuring that every prompt and response is subject to the organization's security and compliance policies. It transforms unapproved AI tools from a risk into governed assets.

Taking Control of Your AI Landscape

Shadow AI is not a problem that can be solved with policy documents alone. It requires a technical solution that aligns security needs with user productivity. By combining a powerful AI gateway with endpoint governance, organizations can gain complete visibility and control over their entire AI ecosystem.

Teams looking to address the challenge of unapproved AI tools can evaluate solutions that provide this dual capability. Interested parties can request a Bifrost demo or review its capabilities in the open-source repository.