Shadow AI and intent-aware controls: what IAM teams need now

TL;DR: Enterprises cannot secure generative AI with browser-only visibility or keyword-based DLP because shadow AI now sits in desktop apps, IDEs, and fragmented toolchains, according to WitnessAI. The real governance shift is from blocking usage to understanding intent, routing risk appropriately, and building controls that scale across global enterprise environments.

NHIMG editorial — based on content published by WitnessAI: enterprise AI security considerations for large organisations

By the numbers:

• 28% of secrets incidents now originate outside code repositories in Slack, Jira, and Confluence, and are 13% more likely to be categorised as critical than code-based leaks.
• 64% of valid secrets leaked in 2022 are still valid and exploitable today, proving that detection alone is not enough without automated revocation.

Questions worth separating out

Q: How should security teams govern shadow AI across desktop apps and IDEs?

A: They should treat shadow AI as an enterprise visibility problem, not a browser problem.

Q: Why do keyword-based DLP controls fail for generative AI use?

A: Keyword-based DLP fails because it can only inspect content patterns, not user intent or business context.

Q: How can organisations reduce AI security fragmentation without losing control?

A: They should unify visibility, protection, and audit into one control model rather than stitching together separate tools for browser activity, model security, and API access.

Practitioner guidance

• Inventory all AI entry points Map browser, desktop, IDE, terminal, and embedded application paths so AI usage is visible wherever employees actually work.
• Replace keyword-only DLP with intent-aware policy Classify prompts by purpose and data sensitivity, then route high-risk interactions into stricter approval, logging, or private-model paths.
• Align AI governance with jurisdiction and tenancy boundaries Require single-tenant isolation, customer-controlled encryption, and regional processing for deployments that handle regulated or sensitive data.

What's in the full article

WitnessAI's full article covers the operational detail this post intentionally leaves for the source:

• A practical breakdown of AI security controls for browser, desktop, and IDE usage patterns.
• Specific examples of routing logic for high-risk versus low-risk prompts and outputs.
• Architecture requirements for multi-region, single-tenant, and BYOK deployments.
• The vendor's recommended approach to reducing alert fatigue while preserving policy enforcement.

👉 Read WitnessAI's analysis of enterprise AI security controls and shadow AI risk →

Shadow AI and intent-aware controls: what IAM teams need now?

Explore further

View Full Forum →  |  NHI Foundation Course →