Shadow AI: How IT Can Turn a Risk into an Advantage October 30, 2025 by Ed Crook 
(Summit Art Creations/Shutterstock)
Generative AI adoption is surging in the workplace – but most of it isn’t happening through official IT channels. Recent data shows that roughly 28% of U.S. employees are using generative AI at work, with over 10% using it daily and nearly a quarter using it at least weekly. Workers report that these tools help complete tasks faster, brainstorm ideas, and draft content more efficiently, boosting productivity.
Much of this AI usage is unsanctioned. The recent Microsoft and LinkedIn Work Trend Index found that 78% of AI users bring their own tools to work through personal accounts – part of a broader shadow IT surge that Gartner projects will reach 75% of employees by 2027, up from 41% in 2022. In many cases, employees are entering sensitive company data or intellectual property into these platforms without approval, creating what’s now known as “shadow AI.” Like previous waves of shadow IT, these tools often fill gaps left by enterprise software, offering speed, convenience, and usability that official systems lack. But the stakes are higher: unmonitored AI usage can lead to compliance issues, data breaches, and potential loss of competitive advantage.
Shadow AI Is Here – And IT Can’t Afford to Ignore It
(thinkhubstudio/Shutterstock)
Shadow AI is a modern offshoot of shadow IT – when employees pick tools on their own because they’re simply more effective or easier to use than the ones provided by IT leaders. Historically, this may have looked like transferring work via USB drives, sending files to personal email accounts, or even using third-party apps that made tasks quicker and simpler.
The issue is that IT departments have no visibility or control over these tools. Data processed in personal AI accounts can include sensitive company information, intellectual property, or customer data, leaving it outside the protections IT normally enforces. Without proper monitoring, these tools introduce compliance risks, security gaps, and potential exposure of proprietary information, making unmanaged AI adoption a serious concern for enterprises.
Leveraging Shadow AI for Productivity and Adoption
Rather than trying to push out shadow IT, historically, IT leaders have learned to work with it. Employees naturally gravitate towards tools that make their jobs faster and easier, even if those tools aren’t officially approved. Many of today’s “enterprise essentials” – smartphones, cloud services, collaboration platforms – were once banned as security risks before their value became undeniable.
Generative AI is following the exact same trajectory. The key for organizations is to understand which AI tools employees are adopting and why. By building compliant, secure pathways for popular tools, IT teams can now redirect budgets toward software that people actually want to use, while capturing measurable productivity gains.This approach positions shadow AI as a source of insight: observing what employees voluntarily adopt, helping IT shape a software stack that is both effective and embraced, rather than enforced.
How IT Can Guide Safe and Effective AI Use
Enterprise technology has steadily democratized over decades. Software that was once notoriously complex now rivals the usability of consumer apps. Cloud platforms have evolved to support distributed teams at scale, and cybersecurity practices have matured to balance protection with user experience. Generative AI needs to follow the same trajectory.
(chaylek/Shutterstock)
Leading AI platforms already offer enterprise tiers – premium options with controlled data retention and enhanced security. But these require IT-level deployment and oversight, not ad-hoc management by individual employees. By formally integrating AI into the tech stack, IT leaders gain visibility into usage, can deliver safety training, and support controlled experimentation that drives efficiency.
At DeepL, we architect our Language AI solutions with two priorities in mind: a seamless end-user experience and confidence for security leaders. Speed, usability, and accuracy matter, but the trust is foundational. That’s why we build information security into our systems from the ground up, not as an afterthought.
The Future of AI in the Enterprise
Trust is the currency of enterprise AI adoption – and it’s fragile. Once compromised, it’s extremely difficult to rebuild. As organizational AI strategies mature, the challenge is balancing productivity with protection, creating space for innovation while keeping risks at bay.
Shadow AI follows a familiar pattern: employees adopt tools that enhance their effectiveness, regardless of official policies. For IT leaders, this creates a reset opportunity. By converting shadow AI into structured insights, organizations can capture the productivity gains employees are already realizing, while keeping risk firmly under control.
The question isn’t whether AI will reshare work – it already has. The question is whether IT will lead that transformation or be dragged along by it.
About the Author
Edward Crook is Chief of Staff at DeepL, a global AI and product research company, where he leads cross-departmental projects to aid business growth. He is also an executive member of the Strategy Outthinker Network and, prior to DeepL, was Chief Strategy Officer at Brandwatch. He brings experience leading strategy and operations functions in the UK, Germany and US, and specializes in growth stage businesses, market expansion, and B2B SaaS. His work has been recognized by Information Age's Data 50 and the Customer Success Collective. Edward holds a degree in linguistics from the University of Sussex and an MBA from the Berlin School of Economics and Law.
