Subscribe to the Non-Human & AI Identity Journal

Notifications
Clear all

AI data leaks and shadow AI: what IAM teams need to know


(@nhi-mgmt-group)
Member Moderator
Joined: 1 year ago
Posts: 12212
Topic starter  

TL;DR: AI data leaks now span prompts, coding assistants, training data, and autonomous agent workflows, and 20% of organizations with a breach said shadow AI was involved in 2025, according to WitnessAI. The real issue is not just leakage, but that existing DLP and CASB controls were never built for intent-driven AI interactions or machine-speed data movement.

NHIMG editorial — based on content published by WitnessAI: AI data leaks and how to prevent them

By the numbers:

Questions worth separating out

Q: What breaks when AI data loss controls rely only on DLP and CASB?

A: They miss the main AI leakage paths because prompts, responses, embeddings, and agent actions are not ordinary file transfers.

Q: Why do AI workflows complicate least-privilege access models?

A: AI workflows can move data across multiple systems in one session, especially when agents have API, database, and file-system access.

Q: How do security teams know if shadow AI governance is working?

A: Look for evidence that unsanctioned AI use is visible, attributable, and enforceable.

Practitioner guidance

  • Map AI usage by identity type Inventory which human users, service accounts, copilots, and autonomous agents can reach external AI services, internal models, and MCP-connected tools.
  • Replace label-only DLP with intent-aware controls Use controls that inspect prompts, responses, and workflow context instead of relying only on keywords, file labels, or network destinations.
  • Constrain agent tool access to least-privilege scopes Require task-scoped credentials, explicit tool allowlists, and policy checks before agents query databases, file systems, or external services.

What's in the full article

WitnessAI's full guide covers the operational detail this post intentionally leaves for the source:

  • A practical breakdown of which employee behaviours most often create AI leakage in real enterprises.
  • The platform's network-level discovery approach across browsers, coding assistants, desktop apps, and MCP-connected services.
  • Implementation detail for intent-based machine learning policies and bidirectional runtime protection.
  • Examples of how tokenization and response filtering are applied before and after model interaction.

👉 Read WitnessAI's full guide on AI data leaks and shadow AI governance →

AI data leaks and shadow AI: what IAM teams need to know?

Explore further

View Full Forum →  |  NHI Foundation Course →



   
Quote
Share: