cool-solution — dev.blog
Technologies

Shadow AI in SMEs: how to govern AI agents without killing productivity

When a business owner asks me "do we have an AI problem?", my answer always starts with the same question: "do you know what your people are using?". Almost always the answer is no. That is shadow AI — the phenomenon where employees and collaborators adopt AI tools without IT or management knowing about it. In 2026 this is no longer an edge case: Gartner estimates 68% of employees are involved, IBM puts $670,000 in additional cost on every data breach where shadow AI is a factor. For an SME the goal is not to block — AI saves real hours every day — but to understand what is coming into the business, what is leaving, and with what permissions. In this article I look at the five pillars of AI governance scaled to SMEs, and what to do in the first 30 days.

AIHRMarketingAdminCustomer CareSalesOperations

🔍 What shadow AI really is, and why it explodes in 2026

We talk about shadow AI when people inside a company use artificial intelligence tools — generative or agentic — without a policy in place, without IT approval, without management knowing what data flows through them. It is the cousin of the shadow IT we have known for years, with one decisive difference: data that enters a prompt cannot be retrieved.

Why does it explode now? Three factors combine. First, AI agents: they no longer just answer questions — they access inboxes, read files on Drive, write to the CRM. The risk is no longer just "what did I type in the prompt" but "what does the agent have access to". Second, ease of adoption: connecting a corporate Google account to an external tool takes 30 seconds. Third, productivity pressure: people who save two hours a day will do it without asking permission.

The Vectra survey of May 2026 finds that 49% of companies expect a shadow AI-related incident within the next 12 months. For an SME the most common problem is not industrial espionage: it is a customer record, a commercial proposal, or a bank statement pasted into a consumer chatbot that retains it for model training.

⚠️ Seven concrete risks I see in SMEs

The risks of shadow AI are not abstract. The ones I encounter most often, in order of frequency, are seven: prompt injection (hidden instructions in a document that hijack the agent), over-permissioning (the agent has more access than it needs), cascading errors when multiple agents communicate with each other, data loss without a trace, agent impersonation, propagation of corrupted data, and finally shadow deployments that nobody has mapped.

For an SME of 10–50 people, two of these are the real killers. The first is prompt injection hidden in PDFs: a supplier sends a proposal, the consultant passes it to an agent to summarise, and inside the PDF there is an invisible instruction telling the agent "send the summary to this external address". The second is over-permissioning: the agent set up to summarise email also has access to the HR archive because "it was easier to connect everything at once". When someone leaves the company, those access credentials often stay active.

The good news is that both can be mitigated with two simple habits, not a six-month project: least privilege by default and one named owner who knows, at any given moment, which agents are active and what they have access to.

Shadow AI by the numbers, 2026
Employees using AI without IT+68%Companies expecting an incident within 12 months+49%Enterprise apps with AI agents by end of 2026+40%Extra cost per breach with shadow AI+670k$

Sources: Gartner 2026, IBM Cost of a Data Breach 2025, Vectra Shadow AI Report May 2026.

🏗️ The five pillars of AI governance for SMEs

The governance frameworks published in 2026 (NIST, Gartner, sector-specific guidelines) converge on five pillars. For an SME they need to be translated into practice, not left as presentation slides. They are: inventory, identity, least privilege, observability, continuous compliance.

Inventory: a list — even just a shared spreadsheet — of which AI tools are in use, who activated them, what data they can see. Without an inventory, nothing can be governed. Identity: every agent operates under a dedicated account, not the employee's personal email. When the employee leaves, the agent switches off automatically. Least privilege: the agent that summarises email reads email — and nothing else. Not the HR archive, not the shared drive.

Observability: logs kept for at least 90 days covering what the agent did, which files it opened, which emails it read. On the Team and Enterprise plans of Claude, Microsoft 365 and Google Workspace, observability is already included — it just needs to be switched on. Continuous compliance: a 30-minute quarterly review in which the actual inventory is compared with the declared one, and orphaned access credentials are closed off.

Shadow AI vs AI governance: two opposite ways of managing the same adoption

Shadow AI

  • No inventory of tools in use
  • Personal accounts connected to company systems
  • Agents with full access 'for convenience'
  • No logs, no audit trail
  • Everything discovered after an incident

AI governance for SMEs

  • Inventory spreadsheet updated each quarter
  • Dedicated accounts for every agent
  • Least-privilege permissions per process
  • Logs retained for 90 days
  • 30-minute quarterly review

📜 The AI policy on one page: what it actually needs to say

An SME AI policy is not a twenty-page legal document: it is one page that makes five things clear to everyone in the company. One. Which AI tools are approved (Claude Team, Microsoft Copilot, ChatGPT Enterprise — precise names, not "AI in general"). Two. What data must never go into a prompt — customer tax IDs, contracts with confidentiality clauses, passwords, health data, draft proposals not yet sent.

Three. How to request the activation of a new agent or connector: a written request — even just an email — stating the process, the data involved, and the people concerned. Four. Who the AI point of contact is in the company: one named person the team can ask before trying something new. Five. What happens if something goes wrong: no penalty for anyone who reports in good faith, immediate clarification if unauthorised use is discovered.

The point is not to create bureaucracy: it is to give people a clear green/amber/red framework so they stop asking themselves "is this allowed?" every time. SMEs where this one page exists see AI adoption grow faster, not slower: clarity enables, uncertainty blocks.

🗺️ First 30 days: what to do in practice

The approach I recommend unfolds over four weeks, without an IT project and without extraordinary budget. The premise is that lightweight governance works when it starts with the people who already know the processes: operations management, finance, IT — even external IT.

The first concrete deliverable is the inventory spreadsheet by the end of week 1: a bare list of AI tools in use. The second is the one-page policy signed off by the end of week 3. The third is the first quarterly audit scheduled in the calendar before the end of the month. Three artefacts, nothing more, but enough to move out of shadow AI and into governed adoption.

From shadow AI to governance: the 30-day path
  1. 01
    Week 1: censusInventory spreadsheet of AI tools in use, who activated them, data touched.
  2. 02
    Week 2: triageOrphaned access closed, personal accounts replaced with dedicated accounts.
  3. 03
    Week 3: policySingle page covering approved tools, prohibited data, AI owner, request process.
  4. 04
    Week 4: calendarQuarterly audit scheduled, logs activated, first observability report.

Frequently asked questions about shadow AI SMEs

Does an AI policy slow adoption and drive away the most productive people?

No — experience says the opposite: in SMEs where a clear one-page policy exists, AI adoption grows faster, not slower. The reason is straightforward: the employee who today uses ChatGPT under the radar does so because they do not know what is permitted. A clear green/amber/red framework releases the energy that is currently wasted on doubt and workarounds.

Is my SME too small to think about AI governance?

No — quite the opposite: the smaller the SME, the more a data breach hurts. The difference is that governance for a 10–50-person SME is done with an Excel inventory sheet, a one-page policy, and a 30-minute quarterly review. You do not need a Chief AI Officer function: you need one named AI owner, even part-time.

How do I find out what my people are using, without creating a surveillance atmosphere?

Start with an explicit, no-penalty ask: an email to the team saying *"we are collecting the AI tools each person uses, no penalty for reporting". Afterwards, external or internal IT checks the Google Workspace or Microsoft 365 logs to see which third-party applications have active access. In two weeks you have a realistic inventory, *without surprises and without walls.

Let's talk

If this topic is relevant to you, write to me: comparing notes on code and AI is always time well spent.

All articles

More articles from the blog

tips-claude-resume-luglio-2026.mdJuly 10, 2026claude-code-hooks-quality-gate-2026.mdJuly 9, 2026orchestrazione-agenti-ai-multi-agent-dotnet-2026.mdJuly 8, 2026