What's shadow AI in practice?
we found out four months ago that a dev on our team had been feeding chunks of our internal codebase into Claude to help with refactoring. No approval, no review. Found out because he mentioned it in a code review like it was nothing.
Ran an audit after that and found four times more shadow AI tool usage than expected, ChatGPT, Gemini, AI coding assistants in VS Code like Copilot, Codeiu, and Tabnine all making external API calls, Notion AI, random browser copilots. Nobody filed a ticket and did not review data handling terms. Just people trying to work faster.
Saw a stat recently that enterprises have zero visibility into 89% of AI tool usage despite having AI acceptable use policies in place. Felt about right after our audit.
The part that got me was the risk isn't where I was looking. I was thinking unauthorized access to corporate systems. The actual problem is what's being typed into a prompt box, source code, customer data, API keys, internal credentials. Outside your control the moment someone hits submit. Consumer accounts on ChatGPT and Claude may use that input for model training depending on account type, enterprise accounts contractually exclude it, but most employees aren't on enterprise accounts. Proxy sees a connection to claude.ai. Has no idea what went in. Pattern-based DLP doesn't catch unstructured prompt content either, it doesn't match regex patterns for known sensitive data types.
Is this what people mean when they say shadow AI? And how are teams getting visibility into AI tool usage at the interaction level, feels like most tooling wasn't built for this, though that's starting to change.