Where Does Shadow AI Come From?
We tend to see shadow AI emerging in two ways. The first is student-driven. Students are digital natives, and for them, using public large language models has become second nature. They’re looking for tools that will help them get their work done faster and better. Unless a university has clearly explained what is and isn’t acceptable to paste into those tools, many students simply don’t know where the boundaries are, especially when it comes to things like information protected by the Family Educational Rights and Privacy Act or other sensitive data.
The second source of shadow AI is employees, including faculty, researchers and administrators. Senior researchers often have their own budgets and grants, and latitude to choose the tools they want. But they’re still leveraging the university’s networks, data and intellectual property. When someone in that position signs up for a cloud-based AI service and connects it to institutional data sets, they’re not always informing the IT department. Sometimes they ask IT to support or integrate these tools after the fact, when the tools are already deeply embedded into a workflow.
Of course, most of this behavior isn’t malicious. There are always a few people who will ignore policy, but most shadow AI usage comes from a mix of good intentions, convenience and simple ignorance. Policies, when they exist, are often long, dense documents that people skim during mandatory training and never think about again. The result is a gap between formal rules and day-to-day reality.
What Are the Risks of Shadow AI?
From a generative AI standpoint, the biggest concern is data leakage. When someone pastes student records, health information, proprietary research or internal operational data into an AI tool, they may be exposing personally identifiable information, FERPA-protected data, or material that falls under other federal regulations. Depending on the tool, that data may be retained, used to train future models or otherwise handled in ways that are incompatible with the institution’s obligations or values. Once the data is out there, you can’t pull it back.
Understanding a tool’s data usage and privacy policy is critical. Does this vendor reserve the right to use your prompts and outputs to train their models? Does your institution retain ownership of the content? How long is data stored? For many public tools, anything you send to them effectively becomes part of their ecosystem. That might be fine for a casual brainstorming prompt, but not for a data set tied to real students or research subjects.
How to Identify and Control Shadow AI
Identifying shadow AI means thinking in terms of both technology and culture.
On the technology side, traditional perimeter security, firewall logs, data loss prevention tools and web filtering can all play a role. IT teams can monitor outbound traffic to known AI services, block access when necessary and set up controls that limit what can be sent outside the network. Observability tools can provide dashboards that show which AI services are being accessed, from where and by whom. That doesn’t fix the problem on its own, but it gives IT a baseline understanding of how big the problem really is.
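To make the monitoring step concrete, here is an added example (written for this page, not a CDW or vendor tool) that builds the baseline the paragraph describes from web-filter or forward-proxy logs: which AI services are being accessed, from where, by whom, and how much data each user is sending to them. The space-separated log layout, the sample hostnames in `KNOWN_AI_HOSTS`, the constructed log lines and the `LARGE_UPLOAD_BYTES` threshold are all assumptions; a real deployment would read the proxy's own export format and use the filter's maintained "generative AI" category rather than a hand-typed list.

```python
"""
Added example, not from the article: a minimal inventory of AI-service use
built from forward-proxy / web-filter logs. It answers the questions the text
raises (which AI services, from where, by whom) and flags single requests
whose upload volume is large enough to warrant a follow-up conversation.
"""
from __future__ import annotations

from collections import defaultdict
from dataclasses import dataclass
from urllib.parse import urlsplit

# Assumed sample of AI-service hostnames. In production this would come from
# the web filter's generative-AI category, not a hand-typed dictionary.
KNOWN_AI_HOSTS = {
    "chat.openai.com": "OpenAI ChatGPT",
    "api.openai.com": "OpenAI API",
    "claude.ai": "Anthropic Claude",
    "gemini.google.com": "Google Gemini",
    "copilot.microsoft.com": "Microsoft Copilot",
}

# Assumed threshold: a single request sending more than this is worth a look.
LARGE_UPLOAD_BYTES = 1_000_000

# Constructed log lines in a simple space-separated layout:
# timestamp user src_ip method url bytes_sent
SAMPLE_LOG = """\
2025-03-04T09:12:01Z jdoe 10.20.30.41 POST https://chat.openai.com/backend-api/conversation 1842
2025-03-04T09:12:09Z jdoe 10.20.30.41 GET https://www.example.edu/syllabus.pdf 0
2025-03-04T09:15:33Z rsmith 10.20.31.7 POST https://api.openai.com/v1/files 2400000
2025-03-04T09:16:02Z rsmith 10.20.31.7 POST https://api.openai.com/v1/chat/completions 5120
2025-03-04T10:01:45Z amartin 10.20.30.88 GET https://claude.ai/ 0
2025-03-04T10:02:10Z amartin 10.20.30.88 POST https://claude.ai/api/append_message 912
"""


@dataclass(frozen=True)
class Access:
    timestamp: str
    user: str
    src_ip: str
    method: str
    host: str
    service: str
    bytes_sent: int


def parse_line(line: str) -> Access | None:
    """Return an Access for a request to a known AI host, or None otherwise."""
    parts = line.split()
    if len(parts) != 6:
        return None  # malformed line: skip it rather than abort the report
    ts, user, src_ip, method, url, bytes_sent = parts
    host = urlsplit(url).hostname or ""
    service = KNOWN_AI_HOSTS.get(host)
    if service is None:
        return None
    return Access(ts, user, src_ip, method, host, service, int(bytes_sent))


def inventory(log_text: str) -> dict[str, dict]:
    """Per user: AI services used, source IPs, total bytes sent to AI hosts,
    and any single request at or above LARGE_UPLOAD_BYTES."""
    report: dict[str, dict] = defaultdict(
        lambda: {"services": set(), "sources": set(), "bytes_sent": 0, "large_uploads": []}
    )
    for raw in log_text.splitlines():
        access = parse_line(raw)
        if access is None:
            continue
        entry = report[access.user]
        entry["services"].add(access.service)
        entry["sources"].add(access.src_ip)
        entry["bytes_sent"] += access.bytes_sent
        if access.bytes_sent >= LARGE_UPLOAD_BYTES:
            entry["large_uploads"].append((access.timestamp, access.host, access.bytes_sent))
    return dict(report)


def services_in_use(log_text: str) -> dict[str, int]:
    """Distinct users per AI service: the 'how big is the problem' number."""
    users_by_service: dict[str, set[str]] = defaultdict(set)
    for user, entry in inventory(log_text).items():
        for svc in entry["services"]:
            users_by_service[svc].add(user)
    return {svc: len(users) for svc, users in users_by_service.items()}


if __name__ == "__main__":
    for user, entry in sorted(inventory(SAMPLE_LOG).items()):
        print(user, sorted(entry["services"]), sorted(entry["sources"]),
              entry["bytes_sent"], entry["large_uploads"])
    print(services_in_use(SAMPLE_LOG))
```

The per-user view is what turns a traffic count into a conversation: the report shows that one user sent a multi-megabyte upload to an API endpoint, which is the kind of event that should prompt a question about what data set was involved, while ordinary chat traffic is simply inventoried. Running this over a week of real proxy exports, with the filter's own category list, gives the baseline the text recommends establishing before any policy is written.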
CDW works with security and observability partners to offer tools that monitor traffic to AI applications, surface which AI services are being used and help IT teams understand where sensitive data might be at risk. We can offer best practices for software implementation and configurations to help your team make informed decisions instead of reacting blindly.
Culturally, IT has to be seen as a partner, not just an enforcer. When faculty and staff feel like approaching IT will only result in being told “no,” they’ll find another way. The IT team should be seen as a true collaborator and source of guidance so users are willing to bring IT staff into the conversation early.
One effective way to encourage compliance is to make the approved tools better than the unofficial ones. If your sanctioned AI platform gives students and faculty access to institutional knowledge in addition to general AI capabilities, it immediately becomes the more useful option. When enterprise-grade tools are fast, reliable and more valuable, people will naturally choose them because they work better.
For institutions that feel like AI usage is already out of control, the first step isn’t to lock everything down; it’s to gain visibility. You need to know what’s happening before you can design realistic policies and remediation paths. From there, establish an AI Center of Excellence or a similar cross-functional body that includes IT staff, academic leadership, researchers and administrative voices. When policies are co-created with stakeholders instead of handed down unilaterally by IT, they’re more likely to be understood and followed.
AI in higher education is not a fad. Employers will expect that graduates know how to use AI tools responsibly. Universities that treat AI as a threat to be suppressed risk leaving their students unprepared and pushing usage underground instead of shaping it. Leaning in thoughtfully, securely and in alignment with your institutional values is the only realistic path forward.