
Shadow AI at work: what employees are really pasting into ChatGPT

AI use at work is mainstream. Governance is not. The real shadow-AI problem is not just chatbots — it is the documents, formulas, emails, and snippets employees move through unmanaged tools every day.

By Sarah W. · Reviewed by DropFile Editorial Team

Half of workers now use AI at work. The real risk is what happens next.

Gallup says half of employed American adults now use AI in their role at least a few times a year, and frequent use keeps rising. But only 26% say their organization has communicated a clear plan for integrating AI into current practices [1]. That means a lot of teams are figuring it out as they go.

That is where shadow AI starts.

Most people hear the term and imagine someone opening ChatGPT in a browser tab and pasting in something they should not. That still happens. But in 2026, shadow AI is bigger than that. It includes personal AI accounts, unapproved consumer tools, and the growing number of AI features embedded inside software employees already use every day. CSA notes that the problem has shifted from standalone AI sites to embedded AI inside everyday business applications [5], and Microsoft now publishes specific controls to detect visits to AI sites [6], detect sensitive prompts, and block paste or upload actions to AI apps [7].

The point is simple: the modern shadow-AI problem is not that people are curious about AI. It is that they are trying to get work done faster, and many organizations still have not given them an approved way to do that.

What shadow AI looks like in 2026

Microsoft says 71% of UK employees have used unapproved consumer AI tools at work, and 51% continue to do so every week [2]. The most common uses are not exotic. They are normal work tasks: drafting workplace communications, drafting reports and presentations, and handling finance-related tasks.

That matters because risky AI use rarely starts with a dramatic event. It starts with a small convenience:

  • "Summarize this PDF for me."
  • "Rewrite this email."
  • "Fix this formula."
  • "Pull the key clauses out of this contract."
  • "Turn these notes into a Slack update."

Each one feels harmless on its own. But the artifact being pasted often contains more than the user realizes: names, pricing, customer data, internal language, source material, hidden context, or proprietary terms.

Netskope says the average organization sees 223 genAI data-policy violations per month [3], and Cyberhaven says 39.7% of AI interactions involve sensitive data [4]. Those numbers are high because AI use is now woven into ordinary workflows, not because most employees are acting maliciously.

What employees are really pasting into AI

The strongest way to think about shadow AI is in terms of the artifact, not the tool. People do not think, "I am now performing a shadow-AI event." They think, "I need a better summary," or "I need this formula now."

What employees paste into AI, why they do it, and a safer workflow shape.

| What gets pasted | Why employees do it | What the risk actually is | Better workflow |
| --- | --- | --- | --- |
| PDFs, reports, decks | Fast summarization, extraction, rewriting | Sensitive text, hidden context, retained uploads, accidental oversharing | Use a purpose-built document workflow instead of a general chatbot |
| Spreadsheet rows or formula problems | Quick formulas, explanations, cleanup | Revenue numbers, payroll data, customer lists, internal models | Use a spreadsheet-specific tool with minimal required input |
| Contracts and clauses | Faster review and issue spotting | Legal terms, pricing, customer names, redline history | Use a contract workflow with scoped analysis |
| Email drafts | Faster writing and tone cleanup | Customer details, internal language, case history | Use an email-focused workflow with redaction or minimization first |
| Slack or Jira snippets | Summaries, rewrite, status updates | Project names, bugs, incident details, roadmap info | Use a writing workflow that limits context to what is necessary |
| Meeting notes | Summaries and action items | Strategy, personnel info, financial plans | Use an internal or approved workflow with clear retention rules |

The personal-account problem is bigger than most teams think

Even when a company has an approved AI tool, employees do not always use the approved account. Netskope says 47% of genAI users still use personal AI apps [3]. Cyberhaven says 32.3% of ChatGPT usage happens through personal accounts, alongside 58.2% of Claude usage and 60.9% of Perplexity usage [4].

That creates a real governance gap. Personal accounts can sit outside SSO, centralized logging, enterprise retention rules, and organizational controls around data use. Cyberhaven explicitly notes that personal accounts bypass SSO enforcement, centralized logging, enterprise retention policies, and controls related to data usage or model training [4].

So the question is not only which AI tool an employee uses. It is also which account, which workflow, and what data goes into it.

Why blanket bans usually fail

Most employees are not using AI to break policy. They are using it because it helps them write faster, think faster, summarize faster, and reduce repetitive work. Microsoft says many workers turn to unapproved tools because they are familiar from personal life, and because some companies still do not provide a work-approved option [2]. Cyberhaven also notes that broad attempts to block AI usage often do not reduce risk; they push usage outside formal controls and reduce visibility [4].

That is why "just block ChatGPT" is not a complete strategy in 2026. First, employees may switch to personal accounts, other tools, or browser extensions. Second, the AI feature may already be embedded inside sanctioned software. Third, the work need that caused the behavior does not go away.

A good policy does not start with punishment. It starts with replacing bad habits with safer defaults.

The practical fix: replace paste-anything behavior with approved workflows

If the task starts with a PDF, spreadsheet problem, contract, email draft, or work snippet, the goal should be to move the user into a purpose-built flow instead of teaching them to dump raw artifacts into a general consumer chatbot. That is the operational difference between uncontrolled AI use and governed AI use. DropFile is built around that shape — task-specific tools for summarizing PDFs, analyzing contracts, drafting emails, writing status updates, and redacting sensitive text — rather than one free-form chat window for everything.

A simple 4-part policy model

  1. Classify the task, not just the tool. "Summarize a PDF" is different from "brainstorm a slogan." Treat artifacts differently from generic prompting.
  2. Minimize what gets shared. If a user only needs one clause, one table, or one paragraph analyzed, the workflow should encourage scoped input, not full-document dumping.
  3. Separate approved from unapproved routes. Employees should know where to go for document tasks, writing tasks, and spreadsheet tasks without guessing.
  4. Make the safer path faster than the risky one. If the approved workflow is slower, clunkier, or buried behind policy language, employees will work around it.

The better question to ask inside a company

The wrong question is: "Are employees using AI?"

The better questions are:

  • What work artifacts are they moving into AI?
  • Are they using approved or personal accounts?
  • Is the task document-first, spreadsheet-first, or writing-first?
  • What is the minimum necessary context?
  • What retention, logging, and review path applies?

Once you ask it that way, shadow AI stops looking like a mysterious trend and starts looking like a workflow design problem. That is good news, because workflow problems can be solved.

What teams should do next

If your organization is already seeing employees summarize PDFs, fix formulas, rewrite emails, or analyze clauses with public AI tools, the answer is not to pretend it is not happening. The answer is to provide a better path — clear, fast, and task-specific.

For document-heavy work, that means giving employees a place to summarize, extract, redact, structure, and rewrite without turning every task into a raw paste into a public chatbot: a safer, faster workflow for the work artifacts teams already move every day.

References

  1. Gallup — Rising AI Adoption Spurs Workforce Changes. Half of employed American adults use AI at work at least a few times a year; only 26% say their organization has communicated a clear AI plan.

  2. Microsoft UK — Rise in 'Shadow AI' tools raising security concerns. 71% of UK employees have used unapproved consumer AI tools at work; 51% do so weekly.

  3. Netskope — Cloud and Threat Report 2026. Average organization sees 223 genAI data-policy violations per month; 47% of genAI users still use personal AI apps.

  4. Cyberhaven — AI Data Security Risks. 39.7% of AI interactions involve sensitive data; personal-account usage remains significant across ChatGPT, Claude, and Perplexity.

  5. Cloud Security Alliance — AI Risks Hiding in Your Apps. 71% of cybersecurity leaders suspect or have evidence of employees using embedded AI features without risk-management process (Gartner).

  6. Microsoft Purview — Discover AI apps. Guidance for detecting visits to AI sites and sensitive info shared in prompts.

  7. Microsoft Purview — Block sensitive data going to AI apps. Guidance for blocking paste and upload actions to AI apps.

Frequently asked questions

What is shadow AI at work?

Shadow AI is the use of AI tools or AI features outside approved organizational visibility, policy, or control. In 2026 it includes public chatbots, personal accounts, and embedded AI inside sanctioned apps. The Cloud Security Alliance and Microsoft both describe the category broadly for that reason — a blanket ChatGPT ban no longer captures the full footprint.

Why is shadow AI risky?

The main risk is not curiosity. It is ordinary work behavior happening without the right controls. Employees paste documents, formulas, drafts, and internal snippets into tools that may sit outside enterprise logging, approved retention settings, or scoped workflows. Cyberhaven and Netskope both report significant volumes of sensitive data flowing into AI through personal accounts.

Does blocking ChatGPT solve shadow AI?

Not by itself. Modern shadow AI includes personal accounts, alternative AI tools, and embedded AI features inside everyday software. Microsoft and CSA both point to a broader visibility and governance problem than one public chatbot site. A ban without an approved alternative pushes usage further outside visibility.

What is a better alternative to a blanket AI ban?

Give employees an approved, faster path for common document and writing tasks. The safer workflow has to be easier than random copy-paste into a public AI app. Task-specific tools — for summaries, contract review, email drafting, redaction — let teams scope what they share and keep a clear audit path.
