Shadow AI visibility is now an identity governance problem

At a glance

What this is: This is a shadow AI governance analysis arguing that visibility, inventory, and access control are now the first-line identity controls for unapproved AI use.

Why it matters: It matters because IAM, NHI, and AI governance teams need one operating model for finding, classifying, and constraining unapproved AI before it becomes a data and compliance problem.

By the numbers:

• 68% of employees use free-tier AI tools like ChatGPT with personal accounts.
• 57% admit to inputting sensitive data such as customer personally identifiable information (PII) and internal documents into these ungoverned models.
• There are over 6,500 GenAI domains and 3,000 apps observed across enterprises, making manual tracking impossible.

👉 Read JumpCloud's analysis of shadow AI visibility and governance

Context

Shadow AI is the use of unapproved AI tools and AI-enabled services outside enterprise governance. The core identity issue is visibility, because you cannot govern access, data handling, or user behaviour when the toolset itself is unknown. In practice, that makes shadow AI a governance problem for IAM, SaaS management, and identity operations, not just a policy violation.

The article argues that unmanaged AI use creates the same kind of blind spot that shadow IT once did, but with greater data and compliance consequences. It also extends the problem beyond human web use to non-human identities and agentic identities that may access company data autonomously. That makes discovery the prerequisite for any meaningful control model, and that starting point is typical of organisations still early in AI governance maturity.

Key questions

Q: How should security teams govern shadow AI without blocking productivity?

A: Start by discovering every unapproved AI tool, linking it to a user or non-human identity, and classifying the data that reaches it. Then separate low-risk use cases that can be sanctioned through enterprise controls from high-risk use cases that should be warned against or blocked. Governance works when approval is explicit, not when shadow use is merely observed.

Q: Why does shadow AI create more risk than ordinary shadow IT?

A: Shadow AI can receive sensitive prompts, persist data outside enterprise retention, and process information through systems the organisation does not control. That makes confidentiality, compliance, and chain-of-custody risks much harder to manage than with ordinary unsanctioned software. The risk increases further when non-human identities or autonomous agents are involved.

Q: What breaks when organisations cannot see unapproved AI use?

A: Without visibility, security teams cannot attribute activity, classify data exposure, or decide whether a tool is acceptable. That leaves policy unenforceable and turns governance into guesswork. The result is that AI use spreads faster than review, especially when employees and automated identities adopt tools outside formal procurement.

Q: Who should own shadow AI governance in an enterprise?

A: Ownership should sit across IAM, SaaS management, security, and data governance because shadow AI crosses all four domains. Identity teams handle attribution and access, security handles risk enforcement, and data owners decide what content may be used. If ownership is fragmented, the organisation will see the problem but fail to govern it.

Technical breakdown

Shadow AI discovery and unified identity telemetry

Shadow AI discovery depends on correlating identity, device, and web access telemetry so that AI use can be tied to a user, a device, and a destination. A unified view turns raw domain traffic into a governance inventory. This is the difference between seeing a browser request and seeing an accountable identity using an unapproved model. Without that linkage, security teams can detect traffic but cannot decide whether it is a sanctioned business use, a policy breach, or a data exposure event.

Practical implication: build discovery on identity-linked telemetry so unapproved AI use can be attributed, classified, and reviewed.

Why unapproved AI creates data leakage and compliance exposure

The risk is not only that employees use the wrong tool, but that they place regulated or proprietary data into systems the enterprise does not control. Once data enters a public or free-tier model, chain of custody becomes hard to prove and retention rules become uncertain. That creates exposure under privacy and sector regulations, especially where customer PII, internal documents, or other sensitive content is involved. The governance issue is therefore not abstract AI adoption, but the loss of control over where data is processed and stored.

Practical implication: classify high-risk AI inputs by data type so policy, legal, and access controls align before sensitive content is exposed.

Agentic identities widen the visibility problem

The article correctly extends shadow AI beyond human use of web apps to non-human and agentic identities. That matters because autonomous scripts or AI agents may access data without a human opening a browser or logging into a SaaS tool. Traditional visibility controls built around employee browsing miss these flows unless the identity layer is included. This is where AI governance merges with NHI governance: the security question becomes who or what is accessing data, under what authority, and whether that authority was ever approved.

Practical implication: include NHI and agent telemetry in AI governance so autonomous access does not bypass the discovery model.

Threat narrative

Attacker objective: The objective is to extract or persist sensitive enterprise data through unmanaged AI use, creating confidentiality loss and compliance exposure.

1. Entry occurs when employees or automated identities use unapproved AI tools or free-tier accounts outside enterprise control, often by uploading data directly into those services.
2. Credential or authority abuse follows when the actor is already authenticated to the tool, but the enterprise has no control over the session, retention settings, or downstream handling of the data.
3. Impact is the leakage of sensitive information, loss of chain of custody, and higher breach and compliance costs when proprietary data is exposed to unmanaged models.

Breaches seen in the wild

• Cisco DevHub NHI breach — IntelBroker exploited exposed Cisco credentials, API tokens and keys in DevHub.
• Salesloft OAuth token breach — hackers stole OAuth tokens to access Salesforce data via Salesloft.

Read our 52 NHI Breaches Analysis report for a comprehensive view of breaches impacting Non-Human Identities including AI Agents.

NHI Mgmt Group analysis

Shadow AI is an identity visibility failure before it is an AI policy failure. The governance gap is not that organisations lack opinions about AI use, but that they cannot reliably see every unapproved tool, account, and data path. Once identity telemetry is missing, policy becomes aspirational and enforcement becomes inconsistent. The practical conclusion is that discovery must be treated as an identity control, not a communications exercise.

Shadow AI creates an identity blast radius problem because data moves before governance can intervene. The article’s key finding is that employees are already using free-tier tools and entering sensitive information at scale. That means the control boundary is no longer the employee laptop, but the model endpoint and the data classification attached to the input. Practitioners should read this as a blast-radius issue across IAM, SaaS governance, and data protection.

Agentic and non-human identities make shadow AI materially different from legacy shadow IT. A browser-based app can be discovered through web logs, but autonomous scripts and AI agents can access data without a visible human session. That breaks older assumptions about who is operating the tool and when access occurs. The implication is that AI governance must share an operating model with NHI governance, because the same identity can now be human-initiated, machine-mediated, or fully autonomous.

Visibility without approval logic only documents risk, it does not govern it. The article’s stronger point is that some shadow AI tools will be worth formalising, while others should be blocked or warned against. That requires a decision framework that combines inventory, risk scoring, and access path control. Practitioners should therefore separate discovery from sanctioning and make the approval decision explicit.

Named concept: shadow AI inventory drift. This is the gap between the number of AI tools employees actually use and the number the organisation has formally approved, classified, and monitored. As the tool count expands and usage persists, the drift becomes a standing governance liability. The practitioner takeaway is to measure the gap continuously rather than treating discovery as a one-time audit.

From our research:

• 70% of organisations grant AI systems more access than they would give a human employee performing the exact same job, according to the 2026 Infrastructure Identity Survey.
• 52% of security leaders expect AI security decision-making power shifting toward platform and infrastructure teams rather than the executive suite.
• For related guidance: Top 10 NHI Issues explains the access, governance, and sprawl problems that shadow AI often inherits and amplifies.

What this signals

With 70% of organisations already granting AI systems more access than they would give a human employee performing the same job, per the 2026 Infrastructure Identity Survey, the governance issue is not whether AI will be used, but whether access is being assigned on evidence or optimism. Security teams should expect pressure to treat discovery as a control surface, not a reporting output.

Shadow AI inventory drift: the gap between approved AI tools and actual AI usage will become a standing audit issue unless discovery is continuous. That means identity telemetry, SaaS governance, and data controls need to converge into one operational model rather than separate oversight routines.

Programmes that can identify unapproved AI use within the identity layer will be better placed to decide where SSO, access warnings, or blocking make sense. That is the practical shift: governance moves from policy statements to enforceable access decisions tied to actual behaviour.

For practitioners

• Link AI discovery to identity telemetry Correlate user, device, and web access data so every unapproved AI tool can be tied to a real identity and reviewed in context.
• Classify sensitive inputs before AI use expands Map customer PII, internal documents, and other regulated data to explicit AI handling rules so users know what may never be pasted into unapproved tools.
• Extend governance to non-human and agentic identities Include scripts, service accounts, and AI agents in the same discovery process so autonomous access cannot bypass your shadow AI controls.
• Separate low-risk approval from high-risk blocking Use risk scoring to formalise useful tools through SSO and block or warn on services that cannot meet enterprise access and data-handling requirements.

Key takeaways

• Shadow AI is fundamentally a visibility and identity governance problem, not just a policy problem.
• Unapproved AI use becomes materially riskier when sensitive data is entered into tools the enterprise cannot control or audit.
• IAM, SaaS management, and NHI governance teams need a shared discovery and enforcement model before AI use scales further.

Key terms

• Shadow AI: Unapproved AI tools, services, or models used without enterprise oversight. In practice, it creates a governance blind spot because the organisation cannot see where data is going, who is using the tool, or whether the access path is acceptable under policy.
• Identity telemetry: The log and signal set that ties activity to a user, device, or non-human identity. For AI governance, it is the evidence layer that lets teams attribute usage, classify risk, and decide whether a tool is sanctioned, misused, or unknown.
• Identity blast radius: The amount of damage an identity can cause if its access is misused or unmanaged. In AI governance, the blast radius expands when users or agents can paste sensitive data into external systems that the enterprise does not control or audit.
• Non-human identity: A machine or software identity such as a service account, token, script, workload, or AI agent. These identities need the same governance discipline as human users, but their access patterns are often faster, broader, and harder to observe.

Deepen your knowledge

NHI governance, agentic AI identity, and machine identity security are core topics in our NHI Foundation Level course, the industry's only accredited NHI security programme. If you are responsible for identity security strategy or governance maturity, it is worth exploring.

This post draws on content published by JumpCloud: shadow AI visibility and governance guidance. Read the original.