TL;DR: Omdia says legacy IAM and MDM fall short when employees adopt unsanctioned apps, personal devices, and shadow AI, leaving organizations with fragmented visibility, compliance exposure, and audit gaps, according to 1Password’s summary of the report. The real issue is not tool sprawl alone but the access-trust gap that appears when governance cannot keep pace with unmanaged identities and applications.
At a glance
What this is: This analysis examines how shadow IT and shadow AI widen the access-trust gap by placing unmanaged apps, devices, and AI tools outside conventional IAM control.
Why it matters: It matters because IAM, IGA, and PAM teams now have to govern access that is outside SSO, outside MDM, and often outside the approval chain entirely.
By the numbers:
- Through 2027, organizations that fail to centrally manage SaaS life cycles will remain five times more susceptible to a cyber incident or data loss due to incomplete visibility into SaaS usage and configuration.
- 72% of employees who regularly use GenAI were either using non-corporate emails as the identifiers of their accounts or were using corporate emails without integrated authentication systems in place.
👉 Read 1Password’s analysis of shadow IT, shadow AI, and the access-trust gap
Context
Shadow IT and shadow AI become security problems when employees can create or adopt access paths that bypass central identity controls. In practice, that means identities, applications, and devices can reach business data without the normal governance checks that IAM, MDM, and access review processes assume are in place.
The article frames this as an access-trust gap: organisations trust data-bearing access relationships that were never fully federated, never fully sanctioned, and often never fully visible. For identity programmes, the issue is not simply software sprawl but the loss of enforceable lifecycle control over how access starts, changes, and ends.
Key questions
Q: How should security teams govern shadow IT that employees adopt outside central IAM?
A: Start with discovery, then apply lifecycle control. Security teams need to identify the app, the identity used to create it, the data it touches, and the exit path for offboarding or revocation. If the organisation cannot answer those four questions, the app is not governed, even if it is convenient or widely used.
Q: Why do unsanctioned apps create more risk than ordinary SaaS sprawl?
A: Unsanctioned apps are riskier because they often sit outside federated identity, logging standards, and offboarding workflows. That means the organisation may not know who has access, whether corporate data was entered, or how long the account survives after employment changes. Risk increases when visibility and lifecycle control disappear together.
Q: What do security teams get wrong about shadow AI governance?
A: They treat shadow AI as a policy issue instead of an identity issue. If users can access AI tools with personal credentials or corporate identities that are not bound to integrated authentication, the organisation loses accountability. Governance must cover the account, the session, and the data flow, not just the acceptable-use rule.
Q: How can organisations reduce exposure from unmanaged SaaS and AI tools?
A: Focus on the highest-risk applications first, especially those that handle sensitive data or bypass SSO. Then pair discovery with de-provisioning, logging, and review so access can be removed when the user changes role or leaves. Without that lifecycle discipline, inventory alone will not reduce exposure.
Technical breakdown
Why unmanaged SaaS creates an identity governance gap
Unmanaged SaaS breaks the normal chain of control between authentication, entitlement, and lifecycle governance. When departments buy tools outside IT oversight, identity teams lose sight of who created the account, which data was entered, whether corporate controls were applied, and how offboarding is enforced. The result is not just hidden software, but hidden access paths that may persist after roles change or employment ends. Traditional IAM can federate what it knows about, but it cannot govern what it never discovers.
Practical implication: Discovery and lifecycle visibility have to precede any access-control decision.
Shadow AI and corporate identity without integrated authentication
Shadow AI becomes materially different from ordinary SaaS sprawl because account creation often happens faster than governance can react. Users may access AI tools with non-corporate emails, personal credentials, or corporate emails that are not bound to integrated authentication, which weakens accountability and makes data handling harder to prove. That pattern severs the link between the corporate identity lifecycle and the tool session, so the organisation cannot confidently assert who accessed what, under which policy, or whether the account is still in scope.
Practical implication: Identity teams need to treat unsanctioned AI access as a governance problem, not just a policy violation.
Access-trust gap as a control-model failure
The access-trust gap describes a structural mismatch between modern user behaviour and legacy control assumptions. Older IAM and MDM models assume IT provisions the approved app set, device set, and access path. Today, business users assemble their own stack from SaaS, personal devices, and AI tools, then move sensitive data across those channels. Once that happens, central controls may still exist, but they no longer define the real security boundary.
Practical implication: Governance must shift from managing approved systems only to continuously discovering and evaluating actual access behaviour.
Threat narrative
Attacker objective: The objective is to move or retain access to sensitive business data through governance blind spots that the organisation cannot reliably audit or terminate.
- Entry occurs when workers adopt shadow IT or shadow AI tools using self-registered accounts, non-corporate emails, or corporate identities without integrated authentication.
- Escalation occurs when sensitive data is entered into unsanctioned applications that sit outside central lifecycle controls, making access hard to review or revoke.
- Impact occurs when those unmanaged access paths create compliance exposure, budget waste, and data-loss risk that legacy IAM, MDM, and SSO controls cannot fully contain.
Breaches seen in the wild
- Cisco DevHub NHI breach — IntelBroker exploited exposed Cisco credentials, API tokens and keys in DevHub.
- DeepSeek breach — exposed 1M+ log lines and sensitive secret keys.
Read our 52 NHI Breaches Analysis report for a comprehensive view of breaches impacting Non-Human Identities including AI Agents.
NHI Mgmt Group analysis
Shadow AI is now a lifecycle problem, not just an acceptable-use problem. When employees can create AI accounts with non-corporate identities or with corporate email outside integrated authentication, the organisation loses the ability to tie usage to a governed identity lifecycle. That means offboarding, review, and policy enforcement no longer operate on the actual access path. The practitioner conclusion is straightforward: governance has to follow the account, not the corporate directory entry.
The access-trust gap is the right named concept for this shift. Legacy IAM and MDM were built for a world where IT decided the application set and controlled the endpoint estate. That assumption fails when employees assemble their own stack of SaaS, personal devices, and AI tools, because the real security boundary moves outside centrally managed systems. The implication is not a new control list, but a redefinition of what counts as the governed environment.
Visibility without lifecycle enforcement is still partial control. Discovering unsanctioned apps is useful only if the organisation can also map who created the access, whether it carries corporate data, and how it will be retired. Otherwise, the inventory becomes a reporting artifact rather than a governance mechanism. Practitioners should treat discovery, provisioning, and de-provisioning as one chain, not three disconnected tasks.
Unfederated access makes compliance risk a byproduct of identity sprawl. Once data is placed into tools that bypass central oversight, the organisation may be unable to demonstrate where information resides, who touched it, or whether the account still exists. That creates audit and legal exposure even when no external attacker is present. The practitioner conclusion is to govern the access path as rigorously as the data itself.
Organisations are underestimating how quickly unmanaged access becomes operational debt. The article’s argument is not that shadow IT is new, but that shadow AI accelerates the same governance failure by making unsanctioned access easier to create and harder to classify. That compounds the burden on IAM, IGA, and security teams already trying to maintain authoritative access records. The implication is that programme maturity now depends on discovering what employees actually use, not what procurement approved.
From our research:
- 85% of organisations lack full visibility into third-party vendors connected via OAuth apps, according to The State of Non-Human Identity Security.
- A separate finding from that report shows that lack of credential rotation is cited as the top cause of NHI-related attacks by 45% of organisations.
- For the broader lifecycle angle, NHI Lifecycle Management Guide is the most direct next resource for understanding provisioning, rotation, and offboarding.
What this signals
Access-trust gap: organisations need to treat ungoverned SaaS and shadow AI as part of the identity surface, because the real boundary is the access path that employees actually use, not the app catalog approved at purchase time. That shift makes discovery, lifecycle enforcement, and data handling controls inseparable in practice.
The governance signal here is that IAM teams can no longer rely on federation alone. Once users operate through personal devices, personal email identities, or unsanctioned AI tools, control design has to combine visibility, de-provisioning, and policy enforcement across the full access lifecycle, including unmanaged sessions.
When access patterns move outside SSO and MDM, the programme question becomes whether the organisation can prove who accessed what and when. The teams most exposed are the ones that can inventory software but cannot tie that inventory back to identity lifecycle events or auditable control points.
For practitioners
- Build discovery around actual app usage: Inventory SaaS and AI tools from identity logs, browser telemetry, and access gateways rather than relying on procurement lists or SSO catalogs alone.
- Bind unsanctioned access to lifecycle controls: Require offboarding and access review coverage for accounts created outside the standard onboarding flow, including personal-email signups that touch corporate data.
- Separate corporate data from unmanaged tools: Restrict copy-and-paste, upload, and connector permissions where shadow AI or shadow SaaS cannot be brought under policy, logging, and retention rules.
- Prioritise high-risk apps for federation or retirement: Use risk scoring to identify the applications most likely to contain sensitive data, then move them toward SSO where feasible or retire them where governance cannot be enforced.
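The discovery-then-lifecycle loop described in the practitioner list above, and the four questions from the Key questions section (which app, which identity created it, what data it touches, what the exit path is), can be turned into a small review routine. The script below is an added example written for this post; it is not code from 1Password or from the NHI Mgmt Group. It assumes a hypothetical access-gateway log format (`timestamp user app auth_method`), a constructed sample of such lines, an assumed corporate domain `example.com`, a constructed active-user roster standing in for a directory export, and assumed sensitivity weights per app. It classifies every observed account as federated, corporate-but-unfederated, or personal, flags corporate accounts whose owner is no longer in the directory (the "exit path" failure), scores each finding, and recommends a lifecycle action.

```python
"""Shadow SaaS / shadow AI discovery from gateway logs.

Added example for this post; constructed data throughout. Assumptions:
- log lines are "timestamp user app auth_method" (hypothetical gateway format)
- the corporate email domain is example.com
- ACTIVE_USERS stands in for a directory or HR export of current staff
- APP_SENSITIVITY weights would normally come from a data-classification inventory
"""
from __future__ import annotations

from dataclasses import dataclass

CORP_DOMAIN = "example.com"  # assumed corporate domain

# Constructed sample log lines (not real telemetry).
SAMPLE_LOG = """\
2025-06-01T09:12:03Z alice@example.com chat.ai-vendor.test sso
2025-06-01T09:15:44Z bob@example.com chat.ai-vendor.test password
2025-06-01T10:02:11Z bob.personal@gmail.test notes.saas-vendor.test password
2025-06-02T11:40:09Z carol@example.com crm.saas-vendor.test sso
2025-06-02T12:05:37Z dave@example.com chat.ai-vendor.test password
2025-06-03T08:30:00Z dave@example.com files.saas-vendor.test password
"""

# Constructed roster: dave has left and is no longer an active directory user.
ACTIVE_USERS = {"alice@example.com", "bob@example.com", "carol@example.com"}

# Apps already federated and in the SSO catalog (constructed).
SANCTIONED_APPS = {"crm.saas-vendor.test"}

# Assumed data-sensitivity weight per app (1 = low, 3 = high).
APP_SENSITIVITY = {
    "chat.ai-vendor.test": 3,
    "files.saas-vendor.test": 3,
    "notes.saas-vendor.test": 2,
    "crm.saas-vendor.test": 3,
}

# Identity classes ordered by how little lifecycle control they carry.
IDENTITY_WEIGHT = {"federated": 1, "corporate_unfederated": 2, "personal": 3}


@dataclass
class Finding:
    app: str
    user: str
    identity_class: str
    orphaned: bool   # corporate identity whose owner is no longer active
    governed: bool   # sanctioned app reached through federated identity
    events: int = 0

    def risk_score(self) -> int:
        """Sensitivity x identity weight, doubled when the owner has left; 0 if governed."""
        if self.governed:
            return 0
        score = APP_SENSITIVITY.get(self.app, 1) * IDENTITY_WEIGHT[self.identity_class]
        return score * 2 if self.orphaned else score

    def recommended_action(self) -> str:
        if self.governed:
            return "none"
        if self.orphaned:
            return "revoke: owner no longer in directory"
        if self.identity_class == "personal":
            return "migrate to corporate identity or block at gateway"
        if self.identity_class == "corporate_unfederated":
            return "bring under SSO or retire"
        return "review and add to catalog"  # federated, but app not yet sanctioned


def classify_identity(user: str, auth_method: str) -> str:
    """Personal if the domain is not corporate; otherwise federated only when SSO was used."""
    domain = user.rsplit("@", 1)[-1].lower()
    if domain != CORP_DOMAIN:
        return "personal"
    return "federated" if auth_method == "sso" else "corporate_unfederated"


def parse_log(text: str) -> list[tuple[str, str, str, str]]:
    """Parse the hypothetical gateway format; malformed lines are skipped."""
    events = []
    for line in text.splitlines():
        parts = line.split()
        if len(parts) == 4:
            events.append(tuple(parts))
    return events


def discover(log_text: str, active_users: set[str], sanctioned_apps: set[str]) -> list[Finding]:
    """Aggregate one finding per (app, account), highest risk first."""
    findings: dict[tuple[str, str], Finding] = {}
    for _, user, app, auth in parse_log(log_text):
        key = (app, user)
        if key not in findings:
            ident = classify_identity(user, auth)
            findings[key] = Finding(
                app=app, user=user, identity_class=ident,
                orphaned=(ident != "personal" and user not in active_users),
                governed=(app in sanctioned_apps and ident == "federated"),
            )
        findings[key].events += 1
    return sorted(findings.values(), key=lambda f: f.risk_score(), reverse=True)


if __name__ == "__main__":
    for f in discover(SAMPLE_LOG, ACTIVE_USERS, SANCTIONED_APPS):
        print(f"{f.risk_score():>3} {f.app:<24} {f.user:<28} {f.identity_class:<22} "
              f"events={f.events} -> {f.recommended_action()}")
```

Personal-email accounts cannot be matched against the directory, which is exactly the page's point: they are never orphaned in the system's eyes because the system never owned them, so the script treats them as ungoverned by default rather than trying to guess. In a real programme the log source would be the SSO provider, CASB or secure web gateway, and the roster would be pulled from the HR system of record.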
Key takeaways
- Shadow IT and shadow AI create an identity governance problem when employees adopt access paths that bypass central lifecycle control.
- The article’s core argument is an access-trust gap, where unmanaged identities, devices, and apps erode visibility, accountability, and offboarding.
- Practitioners need discovery, lifecycle enforcement, and data-access controls to operate as one chain, not as separate security projects.
Standards & Framework Alignment
This section maps relevant standards and security frameworks to the operational risks and controls described in this guidance.
The OWASP Non-Human Identity Top 10 addresses the attack and risk surface, while NIST CSF 2.0 and NIST Zero Trust (SP 800-207) set the governance and control requirements practitioners need to meet.
| Framework | Control / Reference | Relevance |
|---|---|---|
| OWASP Non-Human Identity Top 10 | NHI-01 | Shadow SaaS and AI tools create unmanaged identity exposure. |
| NIST CSF 2.0 | PR.AA-01 | The article hinges on knowing who and what is accessing data. |
| NIST Zero Trust (SP 800-207) | PR.AC-4 | The Access-Trust Gap is a zero-trust boundary problem. |
Treat every unsanctioned app as untrusted until identity, device, and data access can be continuously verified.
Key terms
- Shadow IT: Technology, applications, or services adopted by employees or departments without central approval or visibility. In identity terms, shadow IT is dangerous because accounts, entitlements, and data flow can exist outside normal provisioning, review, and offboarding controls.
- Shadow AI: AI tools or services used without organisational oversight, including accounts created with personal credentials or corporate identities that are not properly federated. It expands the identity surface because sessions may contain sensitive data without a clear ownership or audit trail.
- Access-Trust Gap: The mismatch between what an organisation believes is governed and the access paths people actually use. It appears when identity, device, and application controls were built for sanctioned systems, but users increasingly route data through unmanaged tools outside those controls.
- Lifecycle control: The set of processes that govern how access is created, reviewed, changed, and removed across identities and systems. For shadow IT and shadow AI, lifecycle control matters because an account can outlive approval, ownership, or employment unless offboarding is enforced.
Deepen your knowledge
NHI governance, agentic AI identity, and machine identity lifecycle are core topics in our NHI Foundation Level course, the industry's only accredited NHI security programme. If you are responsible for identity security strategy or NHI governance in your organisation, it is worth exploring.
This post draws on content published by 1Password: its analysis of shadow IT, shadow AI, and the access-trust gap. Read the original.
Published by the NHIMG editorial team on 2025-06-27.
NHI Mgmt Group — the independent authority on Non-Human Identity, IAM, and Agentic AI security. nhimg.org