Claire Dubois

Tracking Which AI Models and Apps Staff Are Sending Data To

A guide to understanding the risks of shadow AI and the tools available for tracking and governing the AI applications employees use, from network monitoring and endpoint agents to comprehensive AI gateways like Bifrost.

The rapid adoption of generative AI has introduced a significant challenge for IT and security teams: employees are using a wide array of AI tools, often without official approval or oversight. This phenomenon, known as "shadow AI," creates blind spots where sensitive company data can be exposed. A 2026 report from Freshworks found that 86% of IT leaders have seen negative incidents related to the unauthorized use of AI. Understanding which AI models and applications staff are sending data to is the first step toward mitigating this risk. This article examines the problem and explores the modern toolset for gaining visibility and control.

The Rise of Shadow AI and Its Inherent Risks

Shadow AI is a subset of shadow IT and refers to the use of AI tools by employees without the organization's knowledge or approval. Driven by the desire for productivity gains, employees frequently turn to consumer-grade AI applications like ChatGPT, Claude, and various coding assistants, often using personal accounts. While the intent is rarely malicious, the consequences can be severe.

The primary risks associated with shadow AI include:

  • Data Leakage and Intellectual Property Loss: Employees may paste proprietary source code, customer data, financial records, or strategic documents into public AI models. This data can be stored and potentially used to train future versions of the models, creating an irreversible data leak.
  • Compliance and Regulatory Violations: Sending sensitive information, such as protected health information (PHI) or personally identifiable information (PII), into unvetted AI tools can lead to violations of regulations like GDPR, HIPAA, and the EU AI Act.
  • Security Vulnerabilities: Unauthorized applications and browser extensions can expand an organization's attack surface, creating new entry points for malicious actors.

Research shows the problem is widespread. More than 50% of organizations have at least one shadow AI application in use, and employees often use up to five times more AI tools than IT departments are aware of. This makes a clear case for implementing robust monitoring and governance.

Methods for Tracking AI Usage

Gaining visibility into shadow AI requires a multi-layered approach, as no single method can cover all potential channels. Organizations typically rely on a combination of network monitoring, endpoint agents, and browser-level controls.

Network and Cloud-Level Monitoring

The first layer of detection often involves analyzing network traffic to see which AI services are being accessed.

  • Firewall and Proxy Logs: Analyzing logs from firewalls and web proxies can reveal connections to the domains of popular AI tools. This approach can identify which services are being used and by which users or departments.
  • Cloud Access Security Brokers (CASBs): CASB solutions can discover and monitor the use of cloud applications, including many AI services. They can identify usage patterns and enforce basic access policies. Microsoft's Defender for Cloud Apps, for example, can tag and block access to unsanctioned AI applications across an organization.
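The proxy-log analysis described in the first bullet, as an added example (not code from the original article or from any product it names). The log format, user names, watch list and approved set are assumptions constructed for illustration; matching is done on the host suffix so look-alike domains are not counted.

```python
import csv
import io
from collections import defaultdict

# Assumed watch list (host suffix -> service label); extend from your own inventory.
AI_DOMAINS = {
    "chatgpt.com": "ChatGPT",
    "api.openai.com": "OpenAI API",
    "claude.ai": "Claude",
}
SANCTIONED = {"OpenAI API"}  # assumption: the approved services

# Constructed proxy log sample: time,user,department,host,bytes_sent
SAMPLE_LOG = """\
2026-01-12T09:01:11Z,adavis,finance,chatgpt.com,48211
2026-01-12T09:03:40Z,adavis,finance,chatgpt.com,1020
2026-01-12T09:05:02Z,bkhan,engineering,api.openai.com,9000
2026-01-12T09:07:19Z,cliu,engineering,claude.ai,150332
2026-01-12T09:08:00Z,cliu,engineering,notclaude.ai,77
2026-01-12T09:09:30Z,dross,legal,www.claude.ai,5120
"""

def classify(host):
    """Return the service label if host equals or is a subdomain of a watched domain."""
    host = host.lower().rstrip(".")
    for domain, service in AI_DOMAINS.items():
        if host == domain or host.endswith("." + domain):
            return service
    return None

def summarize(log_text):
    """Aggregate requests, uploaded bytes and users per (service, department)."""
    stats = defaultdict(lambda: {"requests": 0, "bytes_sent": 0, "users": set()})
    for ts, user, dept, host, sent in csv.reader(io.StringIO(log_text)):
        service = classify(host)
        if service:
            row = stats[(service, dept)]
            row["requests"] += 1
            row["bytes_sent"] += int(sent)
            row["users"].add(user)
    return dict(stats)

def unsanctioned(stats):
    """Rows for services outside the approved set, largest upload volume first."""
    rows = [(svc, dept, s["bytes_sent"], sorted(s["users"]))
            for (svc, dept), s in stats.items() if svc not in SANCTIONED]
    return sorted(rows, key=lambda r: -r[2])

if __name__ == "__main__":
    print(*unsanctioned(summarize(SAMPLE_LOG)), sep="\n")
```

Sorting by bytes sent rather than request count puts the largest uploads at the top of the review queue.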

While network-level monitoring provides a broad overview, it often lacks granular detail about the specific data being sent and can be bypassed by employees using personal devices or VPNs.

Endpoint and Device-Level Governance

To get a more detailed view, many organizations turn to solutions that operate directly on employee devices.

  • Endpoint Agents (DLP): Data Loss Prevention (DLP) agents installed on company laptops can monitor and control data movement. These tools can be configured to block users from pasting sensitive data into unapproved websites or applications.
  • MDM Policies: Mobile Device Management (MDM) platforms like Microsoft Intune or Jamf can be used to block the installation of unauthorized AI desktop applications on managed devices.
  • Enterprise Browsers and Extensions: Specialized enterprise browsers or browser extensions can provide deep visibility into web-based AI tools. They can monitor prompts, redact sensitive information in real-time, and enforce policies directly within the browser session where much of today's AI interaction occurs.

Endpoint solutions provide much-needed granularity but can be complex to deploy and manage across a large and diverse fleet of devices. They can also face resistance from employees concerned about privacy.

A Comprehensive Solution: AI Gateways and Endpoint Governance

While the methods above provide visibility, they often result in a fragmented set of policies that are difficult to manage. A more integrated approach combines a centralized AI gateway with an endpoint governance agent.

An AI gateway is an infrastructure layer that acts as a single entry point for all AI traffic within an organization. Instead of applications and users connecting directly to dozens of different model providers, all requests are routed through the gateway. This provides a central point to enforce consistent policies. Key capabilities include:

  • Unified Access Control: Manage which teams and users can access which models.
  • Cost and Budget Management: Set and enforce spending limits per user, team, or project.
  • Audit Logging: Create an immutable record of every prompt and response for compliance and security reviews.
  • Security Guardrails: Automatically block requests containing sensitive data before they reach an external model.
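A sketch of three of the capabilities listed above (access control, a sensitive-data guardrail and audit logging), added here as an illustration; it is not Bifrost's code or API. Team names, model names and record fields are hypothetical, the guardrail covers only payment-card numbers, and the audit log stores a prompt digest in a hash chain so that later edits are detectable.

```python
import hashlib
import json
import re

# Hypothetical policy: team -> models it may call.
TEAM_MODELS = {"engineering": {"model-a", "model-b"}, "finance": {"model-a"}}
# 13 to 19 digits, optionally separated by spaces or hyphens.
CARD = re.compile(r"\b(?:\d[ -]?){12,18}\d\b")
GENESIS = "0" * 64  # "previous hash" of the first record

def luhn_ok(digits):
    """Luhn checksum; filters out digit runs that are not card numbers."""
    total = 0
    for i, ch in enumerate(reversed(digits)):
        d = int(ch) * (2 if i % 2 else 1)
        total += d - 9 if d > 9 else d
    return total % 10 == 0

def has_card_number(prompt):
    return any(luhn_ok(re.sub(r"\D", "", m.group())) for m in CARD.finditer(prompt))

def record_hash(body):
    return hashlib.sha256(json.dumps(body, sort_keys=True).encode()).hexdigest()

def handle(audit, user, team, model, prompt):
    """Decide allow/block for one request and append a hash-chained audit record."""
    if model not in TEAM_MODELS.get(team, set()):
        decision = "block:model_not_allowed"
    elif has_card_number(prompt):
        decision = "block:card_number"
    else:
        decision = "allow"
    body = {"user": user, "team": team, "model": model, "decision": decision,
            "prompt_sha256": hashlib.sha256(prompt.encode()).hexdigest(),
            "prev": audit[-1]["hash"] if audit else GENESIS}
    audit.append({**body, "hash": record_hash(body)})
    return decision

def chain_intact(audit):
    """Recompute the chain; False if a record was edited, dropped or reordered."""
    prev = GENESIS
    for rec in audit:
        body = {k: v for k, v in rec.items() if k != "hash"}
        if body["prev"] != prev or record_hash(body) != rec["hash"]:
            return False
        prev = rec["hash"]
    return True
```

Blocked requests are logged as well as allowed ones, so the audit trail shows attempted policy violations and not only successful calls.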

Platforms like the open-source AI gateway Bifrost provide these capabilities, serving as a control plane for all sanctioned AI traffic. However, a gateway alone cannot solve the shadow AI problem, as it only governs traffic that is explicitly configured to pass through it.

This is where endpoint AI governance tools come in. These are lightweight agents that run on employee machines and ensure that all AI traffic—from desktop apps, web browsers, and coding agents—is routed through the organization's central AI gateway. For example, a solution like Bifrost Edge works in tandem with the gateway.

  1. The AI gateway (like Bifrost) serves as the central policy engine.
  2. The endpoint agent (Bifrost Edge) is deployed to all company devices via MDM.
  3. The agent transparently intercepts all AI traffic on the device and routes it through the gateway.

This combined approach provides the best of both worlds: centralized, easy-to-manage policies enforced by the gateway, and comprehensive coverage across all applications and devices provided by the endpoint agent. It allows organizations to move from simply blocking tools to safely enabling them under a unified governance framework.

Establishing a Clear Path Forward

Effectively tracking and managing AI usage requires more than just technology; it also requires clear policy and employee education. An AI Acceptable Use Policy (AUP) is a critical document that outlines which tools are approved, what data can be shared, and the responsibilities of employees when using AI.

By combining a clear AUP with a technical solution that offers both visibility and control, organizations can harness the productivity benefits of AI without exposing themselves to unnecessary risk. The goal is not to block innovation, but to enable it safely and responsibly.
