← Back to all articles
Business CyberSecurity

Your Staff Are Using AI. Do You Know What They’re Putting Into It?

Artificial intelligence tools are now part of everyday working life. ChatGPT, Microsoft Copilot, Google Gemini, Perplexity, Claude, and many others. The list is growing, and staff are using them constantly. Drafting emails, summarising documents, writing proposals, answering questions, generating reports. The productivity gains are real.

The data risk is equally real, and most businesses are not thinking about it.

It Is Not Just One Tool

The conversation around AI data risk tends to focus on ChatGPT because it was the first mainstream tool and the most widely recognised. But the risk is not tool-specific. It applies to any AI platform that a member of staff can access, type information into, and receive a response from.

That includes free web-based versions of Copilot, Gemini, Perplexity, Meta AI, and dozens of others. It includes browser extensions that offer AI assistance as you type. It includes AI features embedded in tools your business may not even know staff are using.

The common factor across all of them is this: someone in your organisation is typing information into a system you do not control, and you have no visibility over what that information is.

What People Are Actually Typing In

This is where the risk becomes concrete. When staff use AI tools to help with their work, they naturally feed those tools with the context needed to get a useful response. That context is often sensitive.

A member of staff drafting a client proposal might paste in the client’s name, budget, requirements, and current contract details. Someone in finance might share revenue figures, forecasts, or supplier terms while asking for help with a spreadsheet. An HR manager might describe an employee situation in detail while asking for guidance on how to respond. A director might paste the content of a board-level document and ask for a summary.

None of these people intended to do something wrong. They were trying to do their job more efficiently. But in each case, sensitive business information, and in many cases personal data about clients or employees, has been sent to an external system.

Where Does It Go?

This is the part that is genuinely misunderstood. The answer varies depending on the tool and the type of account being used.

Many free-tier AI tools have, at various points, used user conversations to improve their models. The specifics change as providers update their terms, and paying for a business or enterprise tier typically provides stronger protections. But the fundamental issue is that most staff are not using business-grade accounts. They are using personal free accounts, often because the business has not provided them with an approved alternative.

Even where data is not used for model training, it is still leaving your organisation. It is being processed on external servers. If there is a data breach at the AI provider, that data could be exposed. If the platform changes its terms of service, your data may be subject to new uses you did not anticipate.

And in most businesses, no one has any record that any of this happened.

The GDPR Problem

If your staff are putting personal data into AI tools, that is not just a security risk. It is a data protection issue.

Under GDPR, you are responsible for the personal data your organisation processes, including where it goes and who has access to it. Sending a client’s personal details, an employee’s HR information, or any other personal data to an external AI platform without appropriate safeguards is likely a breach of your data protection obligations.

The Information Commissioner’s Office has made clear that organisations need to understand how AI tools handle data before using them for anything involving personal information. Most businesses using free AI tools have not done that assessment.

Shadow AI

There is a specific version of this problem that is particularly difficult to manage: shadow AI.

Shadow AI refers to the use of AI tools by staff without the knowledge or approval of the organisation. Just as shadow IT has been a challenge for years, shadow AI is now the same problem at a far greater scale. AI tools are so accessible, so useful, and so frictionless that adoption has been far faster than with previous technology. By the time many businesses become aware that staff are using them, those tools have already been in use for months.

You cannot manage a risk you cannot see. If your business has no AI policy and no approved tools, you almost certainly have staff using AI on personal accounts, feeding in business information, with no oversight and no record.

What Good Looks Like

The solution is not to ban AI. Attempting to prohibit tools that offer genuine productivity benefits is both impractical and counterproductive. Staff will simply use them anyway, more covertly.

The answer is a clear AI usage policy that distinguishes between approved tools and unapproved ones, and explains what categories of information can and cannot be used with any AI platform.

For businesses using Microsoft 365, Microsoft Copilot for M365 is worth understanding. Unlike the free web version of Copilot, the M365 integrated version processes data within your Microsoft tenant. Your data does not leave your environment, is not used to train models, and is subject to the same security controls as the rest of your M365 data. That is a fundamentally different position to a staff member using a free personal AI account.

For tools outside of your approved stack, the policy should be explicit about what is off-limits: client names and data, financial information, employee personal data, anything that is commercially sensitive or subject to confidentiality obligations.

Training matters too. Most staff who put sensitive data into AI tools are not being careless. They do not understand the implications. A short, clear briefing on what AI tools do with data, what the business’s approved tools are, and what information should never be used as AI input is a practical step that most businesses have not taken.

The Risk Is Already Here

This is not a future problem. It is happening now. AI tools have been widely available for over two years. The probability that someone in your organisation has already put sensitive business information into an AI tool is high, regardless of whether you have a policy in place.

The question is not whether to address it. It is how quickly you do so before it results in a breach you are obligated to report, a client who finds out their information was mishandled, or a competitor who gains insight into your business that you did not intend to share.

← Back to all articles
Verified by MonsterInsights