Shadow AI: Your Team Is Already Pasting Company Data Into ChatGPT — Here's How to Handle It

Here is a conversation I have had more than once this year with a Central Coast business owner. "We don't really use AI here," they tell me. Then we look, and it turns out half the office has a free ChatGPT tab open, the bookkeeper is using it to clean up spreadsheets, someone in sales is having it rewrite proposals, and a manager pasted a client contract into it last week to get a plain-English summary. They are using AI. They just are not using it on purpose, with any rules, or with any idea where the data goes.

This is "shadow AI," and it is one of the fastest-moving risks I see in small business right now. It is not a story about killer robots or AI taking jobs. It is a quiet, mundane data-governance problem: useful tools, well-meaning employees, and sensitive information flowing out of the company through a browser tab nobody approved. The good news is that it is very manageable once you stop pretending it is not happening. Here is the practical version.

What "shadow AI" actually is

Shadow AI is just the AI version of an old idea. For years we have talked about "shadow IT," employees using software and services the business never approved, like a personal Dropbox for work files. Shadow AI is the same thing pointed at AI tools: people opening free ChatGPT, Gemini, Claude, or any number of AI features baked into other apps, on their own initiative, to do their jobs faster.

It is important to be clear-eyed about why this happens: the tools are genuinely useful. An employee using AI to draft an email, summarize a long document, or untangle a formula is not being reckless; they are being efficient. That is exactly why this is not a problem you can scold your way out of. The usage is rational. What is missing is the guardrails.

The real risk: data leaving your control

The danger of shadow AI is not that the AI gives a wrong answer, though it can. The danger is what happens to whatever your employee types in. When someone pastes information into a consumer AI tool, that data leaves your building and your control, and depending on the specific tool and its settings, it may be stored on the provider's systems and, in some cases, used to help train future versions of the model. You no longer decide who can see it or where it lives.

Now think about what actually gets pasted in, because it is rarely trivial. A grower's office manager summarizing a supplier contract. A dental practice drafting a letter that includes patient details. An accounting firm asking AI to reconcile a client's figures. A law office condensing a deposition. Each is an ordinary task, and each can quietly push confidential, client, or regulated data into a tool the business never vetted. The exposures stack up fast:

  • Client and customer confidentiality. The information you are trusted to protect ends up in a third-party tool you have no agreement with.
  • Regulated data. Protected health information, financial records, and personal data carry legal obligations (HIPAA, the FTC Safeguards Rule, state privacy law) that do not pause because an employee used a convenient tool.
  • Your own secrets. Unreleased plans, pricing, contracts, and proprietary code can leak the same way.
  • Credentials. People paste in things like config files and keys to get help debugging, handing over the literal keys.

None of this requires a hacker. It is self-inflicted data disclosure, one helpful paste at a time, and because it is invisible, most owners have no idea of the volume until someone goes looking.

Why banning AI is the wrong answer

The instinct, once an owner understands the risk, is often to ban it: no AI tools, end of discussion. I understand the impulse, and it almost always backfires. AI tools deliver immediate, obvious productivity gains, so a ban does not actually stop people from using them. It pushes the usage underground, off the company network and onto personal accounts and personal phones, where you have less visibility and zero protection. You keep the entire data risk and throw away the only thing you had going for you, oversight. It is the same dynamic we have seen with every blanket "no" in IT: prohibition without an alternative just relocates the behavior somewhere darker. The goal is not to stop AI; it is to make the safe path the easy path.

The right answer: govern, don't prohibit

Governing AI in a small business is not complicated, and it does not require a consultant's binder. It comes down to three moves.

1. A one-page acceptable-use policy

You do not need a legal treatise. You need one page that answers three questions in plain language: which AI tools are approved, what may never be put into them, and where to go for sensitive work. The "never" list is the heart of it, and a simple gut-check helps staff apply it: if you would not post it publicly or email it to a stranger, do not paste it into a public AI tool. Spell out the obvious categories: client and customer data, anything that identifies a person, health information, Social Security numbers and financial details, employee and HR information, passwords and keys, unreleased business information, and source code.

2. Give people a safer tool

A policy that says "don't" without offering a "do instead" is half a solution. The other half is providing an approved, safer way to use AI, so people are not tempted back to a free account for the sensitive tasks. For most small businesses that already live in Microsoft 365, Microsoft 365 Copilot is the natural fit: it works inside your existing, governed environment and respects your data boundaries, and we covered its rollout and cost in the Copilot post. Standalone business plans like ChatGPT Enterprise or Team serve the same purpose, with contractual commitments that your data is not used to train the model.

3. Ten minutes of training

The policy only works if people understand the why, not just the rule. A short, plain-spoken explanation (here is what happens to data you paste into a free tool, here is the approved option, here is the line you do not cross) does more than any document filed in a drawer. This is the same security-awareness muscle that defends against phishing and the impersonation attacks in our help-desk fraud post; AI is simply the newest thing the team needs a little literacy about.

Free vs. business AI: the distinction that matters most

If you take one technical point from this, make it this one, because it changes everything: with consumer AI tools, your data can be retained and used to improve the model, and you have little control. With business and enterprise plans (ChatGPT Enterprise and Team, Microsoft 365 Copilot, and their peers), the providers contractually commit that your data is not used to train the underlying model, keep your information within a tighter boundary, and add administrative controls and logging. The exact same question, asked of an AI, can be perfectly safe on an enterprise plan and a reportable data disclosure on a free one. The tool is not the risk; the plan and the data boundary are. That is precisely why "give people a safer tool" is the move that does the heavy lifting.

If you're in a regulated or confidential field, this is not optional

For some Central Coast businesses, shadow AI is not just a best-practice issue; it touches legal duties. Law firms owe clients confidentiality; a deposition or matter detail pasted into a consumer tool is a problem regardless of intent, which is part of the broader picture in the professional services IT post. Medical and dental practices are bound by HIPAA, and protected health information does not lose its protection because an employee found AI handy, a point that sits alongside the controls in the HIPAA IT post. Accounting and tax firms hold exactly the kind of financial data the FTC Safeguards Rule governs. In all of these, a written, trained-on AI policy is part of meeting obligations you already have, not a new burden invented for AI.

Where this fits

We help small businesses across Salinas, Monterey, Santa Cruz, Watsonville, San Jose, and the rest of the Central Coast put sensible AI guardrails in place: keeping the productivity, losing the data risk.

FAQs about shadow AI and using AI tools at work

What is shadow AI?

Shadow AI is the use of AI tools at work that the business has not formally approved or set up, the same idea as the older term "shadow IT" applied to AI. In practice it is an employee opening a free ChatGPT, Gemini, or other AI account on their own and using it to do their job: summarizing a document, drafting an email, cleaning up a spreadsheet, writing code. It is rarely malicious; it is people reaching for a genuinely useful tool to work faster. The problem is not the intent; it is that the company has no visibility into what is being shared, no control over where that data goes, and no agreement in place about what is and is not acceptable to paste in.

Is it safe for employees to use ChatGPT at work?

It depends entirely on which version they use and what they put into it. Using a public, free AI tool to brainstorm, rewrite non-sensitive text, or learn something is generally fine. The danger is pasting confidential information (client records, financial data, employee personal information, unreleased plans, or proprietary code) into a consumer tool, because that data leaves your control and, depending on the tool and its settings, may be retained or used to improve the model. The safe rule is to treat anything pasted into a public AI tool as if it could become visible outside the company, and to keep genuinely sensitive material out of it entirely or move it to an enterprise AI plan with proper data protections.

Should we just ban AI tools at work?

A flat ban almost always backfires. AI tools deliver real, immediate productivity gains, so a ban does not stop people from using them; it pushes the usage underground, onto personal accounts and personal phones where you have even less visibility and no protections at all. You end up with the same data risk and none of the oversight. The better approach is to govern rather than prohibit: provide an approved, safer way to use AI, set clear rules about what can and cannot be shared, and train staff on the difference. Governance keeps the productivity while removing most of the risk, which a ban cannot do.

What's the difference between free ChatGPT and an enterprise or business AI plan?

The core difference is what happens to your data. With consumer AI tools, your inputs may be retained and, depending on settings, used to help train the model, and you have limited control or contractual protection. Business and enterprise plans, such as ChatGPT Enterprise or Team and Microsoft 365 Copilot, are built differently: they contractually commit that your data is not used to train the underlying model, they keep your information within a tighter boundary, and they offer administrative controls, logging, and in some cases compliance commitments. For a business handling client or regulated data, that distinction is the whole game. The same question to an AI is low-risk on an enterprise plan and potentially a data-disclosure problem on a free one.

What should never be pasted into a public AI tool?

Keep these out of any consumer AI tool: client or customer data, especially anything that identifies a person; protected health information; Social Security numbers, financial account details, and other regulated data; employee personal and HR information; passwords, API keys, and credentials; unreleased business plans, contracts, and pricing; and proprietary source code. A simple test works well for staff: if you would not post it publicly or email it to a stranger, do not paste it into a public AI tool. When the work genuinely requires AI to touch sensitive material, that is the signal to move it onto an approved enterprise plan rather than a free account.

Do we really need an AI policy if we're a small business?

Yes, and it does not need to be a thick legal document. Your staff are already using AI, so the only question is whether they are doing it with guidance or guessing. A one-page acceptable-use policy that names which tools are approved, states plainly what must never be shared, and points people to a safer option for sensitive work removes most of the risk for very little effort. For regulated businesses (law firms, medical and dental practices, accounting firms), it is more than good hygiene: client confidentiality and compliance obligations apply to AI use just as they do to email and file sharing, so having a written, trained-on policy is part of meeting those duties.

Want sensible AI guardrails without killing the productivity?

30 minutes with a DoD-cleared engineer. We'll find where AI is already being used in your business, write you a plain one-page policy, and set up an approved, safer tool so sensitive data stays protected. No fearmongering, no obligation.


Prefer to talk first? Email sales@ghosxt.com or call (831) 204-0501.
