Employees are already using AI tools for writing emails, summarizing notes, organizing research, editing documents, comparing files, and moving the process along faster. That is all part of the normal office routine. The real question is whether the company has any control over the use of the tools.
Netskope’s 2026 Cloud and Threat Report found that 94% of companies are now using generative AI apps. It also found that the number of users has tripled year over year and the volume of data being transmitted to SaaS generative AI apps has increased from 3,000 to 18,000 prompts per month in the average company.
However, the use of generative AI tools has accelerated faster than the governance and management of the tools. Netskope found that 47% of generative AI app users are still using personal AI apps. That creates a basic problem in terms of visibility. A company knows the tools they are paying for, but they do not know the tools the employee is using, the accounts they are using them under, or the information they are pasting into the tools.
The risk scope
This is not a theoretical threat. According to a Netskope report, the number of cases where users are sending sensitive information to AI apps has doubled in the last year. The average organization experiences 223 such cases per month. The report also states that 60% of insider threat cases involve personal cloud app instances where there is the presence of regulated data, intellectual property, source code, and credentials are being sent to personal apps in violation of company policies.
The real issue is not the use of AI. The real issue is the uncontrolled use of AI in regular business processes. A user could use a public chatbot to rewrite a customer email and then use the same app to summarize the minutes from a meeting, examine a contract, polish a spreadsheet, and so on. All these activities appear innocent. The data being used in the activities does not appear innocent.
In many businesses, the staff deals with customer information, employee details, financial documents, vendor contracts, internal reports, prices, forecasts, credentials, and other operational details on a daily basis. If this information is fed into an uncontrolled AI system, there is no way the company knows where this information went, whether it was stored, and who could access it and whether the use can be audited at a later time.
The problem is often compounded by assumptions within the company. A manager in the company may assume the company’s Microsoft and Google stack provides adequate protection for the use of AI. A user could be logged in to a personal Google account in a browser tab right next to the approved company tools. A user could be using a public AI tool as a writing assistant when the prompt includes confidential information, personal data, contract details, and internal strategies.
AI policy
The answer is a real internal policy. Not a vague “be careful with AI” policy. A real policy will spell out what tools are okay, what uses are okay, what data cannot be entered into an AI system, and so forth, who can okay a new tool, and who owns the business account connected to that tool.
It will spell out vendor review, account ownership, access, record retention, verification of results, and use of sensitive data, too. If a business wants employees to use AI productively, it must spell out the limits before ad hoc use becomes the norm.
That is the practical problem with AI: it can save time, but it can also cause unnecessary risk because no one has spelled out the limits of use. The businesses that benefit from AI are typically the ones that have spelled out where AI is okay and where it is not okay.