Balancing AI Productivity and Data Security in the Workplace
Learn how companies can manage shadow AI risks while enabling safe and productive AI tool usage without hindering team performance.
Companies are increasingly encouraging employees to use AI tools to boost productivity, but this comes with significant data security risks. A recent study by Varonis reveals that shadow AI—unsanctioned generative AI applications—poses a major threat, with nearly all companies having employees using unsanctioned apps and nearly half using high-risk AI applications.
Key Findings:
- Temptation to Share Sensitive Data: Employees often upload financial information, client data, or proprietary code into AI tools for quick results.
- Hidden AI Use: Nearly a third of employees keep their AI usage hidden from management, exposing companies to unvetted data policies.
- High-Risk Applications: Many unsanctioned AI tools bypass corporate governance, leading to potential data leaks.
Strategies for Safe AI Adoption:
- Education and Transparency: Companies must educate employees on data classification (public, internal, confidential, restricted) and establish clear policies.
- Balanced Policies: Banning AI tools is ineffective. Instead, focus on understanding business goals and adjusting policies to enable safe usage.
- Agentic AI Challenges: Future AI agents will require access to credentials and identities, raising new security concerns. Humans must retain critical decision-making authority.
Expert Insights:
- James Robinson (Netskope): "We need to understand what the business is trying to achieve" rather than simply policing AI use.
- Jacob DePriest (1Password): Striking a balance between enabling AI and implementing guardrails is crucial.
- Brooke Johnson (Ivanti): "You don’t want employees to get better at hiding AI use; you want them to be transparent."
Conclusion:
With the right mix of education, transparency, and oversight, companies can harness AI’s power without compromising data security. The key is to foster a culture of responsible AI use while maintaining productivity.
Written by Sharon Goldman for Fortune as "Everyone’s using AI at work. Here’s how companies can keep data safe" and republished with permission.
Related News
Microsoft Copilot Agents Bypass Access Policy Putting Data at Risk
Security researchers found Microsoft Copilot agents ignore the NoUsersCanAccessAgent policy, allowing unauthorized access to sensitive data despite admin settings.
Skyflow Launches MCP Data Security Platform for AI Agents
Skyflow introduces MCP Data Security Platform to mitigate risks in AI agent adoption, ensuring secure access to customer data.
About the Author
Dr. Lisa Kim
AI Ethics Researcher
Leading expert in AI ethics and responsible AI development with 13 years of research experience. Former member of Microsoft AI Ethics Committee, now provides consulting for multiple international AI governance organizations. Regularly contributes AI ethics articles to top-tier journals like Nature and Science.