{"id":25844,"date":"2026-02-19T10:41:17","date_gmt":"2026-02-19T15:41:17","guid":{"rendered":"https:\/\/www.sherweb.com\/blog\/?p=25844"},"modified":"2026-02-19T10:42:43","modified_gmt":"2026-02-19T15:42:43","slug":"shadow-ai-risk-browsers","status":"publish","type":"post","link":"https:\/\/www.sherweb.com\/blog\/security\/shadow-ai-risk-browsers\/","title":{"rendered":"Shadow AI: The hidden security risk in your clients&#8217; browsers"},"content":{"rendered":"<p><span data-contrast=\"auto\">You might have firewalls and\u00a0<\/span><span data-contrast=\"auto\">discovery<\/span><span data-contrast=\"auto\">\u00a0scans in place, but a new kind of risk is slipping right past them. Your clients&#8217; employees just want to get their work done faster, but that\u00a0<\/span><span data-contrast=\"auto\">drive for<\/span><span data-contrast=\"auto\">\u00a0efficiency is creating a massive blind spot.\u00a0<\/span><span data-contrast=\"auto\">We call it s<\/span><span data-contrast=\"auto\">hadow AI<\/span><span data-contrast=\"auto\">, and\u00a0<\/span><span data-contrast=\"auto\">i<\/span><span data-contrast=\"auto\">t\u00a0<\/span><span data-contrast=\"auto\">happens wh<\/span><span data-contrast=\"auto\">en<\/span><span data-contrast=\"auto\">\u00a0employees grab AI tools like ChatGPT, Claude<\/span><span data-contrast=\"auto\">\u00a0or even sneaky AI features baked into everyday apps\u00a0without running it by IT or security first.\u00a0<\/span><span data-ccp-props=\"{}\">\u00a0<\/span><\/p>\n<p><span data-contrast=\"auto\">As an MSP serving businesses, you know this is a step beyond classic shadow IT. These tools often hide in browser extensions, personal SaaS logins<\/span><span data-contrast=\"auto\">\u00a0or plugins within approved apps like Microsoft Office or CRMs, dodging your usual firewalls and discovery scans.\u00a0<\/span><span data-ccp-props=\"{}\">\u00a0<\/span><\/p>\n<p><span data-contrast=\"auto\">Reports show up to\u00a0<\/span><a href=\"https:\/\/www.techcentral.ie\/shadow-ai-is-widespread-and-executives-use-it-the-most\/\"><span data-contrast=\"none\">70% of workers are already doing this<\/span><\/a><span data-contrast=\"auto\">, turning quick productivity boosts into hidden risks for your clients.<\/span><span data-contrast=\"auto\">\u200b\u00a0<\/span><span data-ccp-props=\"{}\">\u00a0<\/span><\/p>\n<h2 aria-level=\"2\"><span data-contrast=\"none\">Real-world\u00a0<\/span><span data-contrast=\"none\">consequences<\/span><span data-ccp-props=\"{&quot;134245418&quot;:true,&quot;134245529&quot;:true,&quot;335559738&quot;:160,&quot;335559739&quot;:80}\">\u00a0<\/span><\/h2>\n<p><span data-contrast=\"auto\">T<\/span><span data-contrast=\"auto\">o understand the stakes, we have to look beyond the statistics.<\/span><span data-contrast=\"auto\">\u00a0<\/span><span data-contrast=\"auto\">Real-world examples make the\u00a0problem crystal\u00a0clear.\u00a0<\/span><span data-ccp-props=\"{}\">\u00a0<\/span><\/p>\n<ul>\n<li aria-setsize=\"-1\" data-leveltext=\"\uf0b7\" data-font=\"Symbol\" data-listid=\"3\" data-list-defn-props=\"{&quot;335552541&quot;:1,&quot;335559685&quot;:720,&quot;335559991&quot;:360,&quot;469769226&quot;:&quot;Symbol&quot;,&quot;469769242&quot;:[8226],&quot;469777803&quot;:&quot;left&quot;,&quot;469777804&quot;:&quot;\uf0b7&quot;,&quot;469777815&quot;:&quot;hybridMultilevel&quot;}\" data-aria-posinset=\"1\" data-aria-level=\"1\"><b><span data-contrast=\"auto\">Customer data leaks<\/span><\/b><span data-contrast=\"auto\">:\u00a0<\/span><span data-contrast=\"auto\">Picture a support rep pasting full customer tickets<\/span><span data-contrast=\"auto\">\u00a0with<\/span><span data-contrast=\"auto\">\u00a0information like\u00a0names, emails<\/span><span data-contrast=\"auto\">\u00a0and\u00a0even payment details,\u00a0into a free chatbot for instant replies, only for that data to get stored or fed into the AI&#8217;s training model.<\/span><span data-ccp-props=\"{}\">\u00a0<\/span><\/li>\n<\/ul>\n<ul>\n<li aria-setsize=\"-1\" data-leveltext=\"\uf0b7\" data-font=\"Symbol\" data-listid=\"3\" data-list-defn-props=\"{&quot;335552541&quot;:1,&quot;335559685&quot;:720,&quot;335559991&quot;:360,&quot;469769226&quot;:&quot;Symbol&quot;,&quot;469769242&quot;:[8226],&quot;469777803&quot;:&quot;left&quot;,&quot;469777804&quot;:&quot;\uf0b7&quot;,&quot;469777815&quot;:&quot;hybridMultilevel&quot;}\" data-aria-posinset=\"2\" data-aria-level=\"1\"><b><span data-contrast=\"auto\">Financial exposure<\/span><\/b><span data-contrast=\"auto\">:\u00a0<\/span><span data-contrast=\"auto\">Finance teams\u00a0<\/span><span data-contrast=\"auto\">often\u00a0<\/span><span data-contrast=\"auto\">upload expense spreadsheets to AI summarizers, accidentally leaking vendor\u00a0info.\u00a0<\/span><span data-ccp-props=\"{}\">\u00a0<\/span><\/li>\n<\/ul>\n<ul>\n<li aria-setsize=\"-1\" data-leveltext=\"\uf0b7\" data-font=\"Symbol\" data-listid=\"3\" data-list-defn-props=\"{&quot;335552541&quot;:1,&quot;335559685&quot;:720,&quot;335559991&quot;:360,&quot;469769226&quot;:&quot;Symbol&quot;,&quot;469769242&quot;:[8226],&quot;469777803&quot;:&quot;left&quot;,&quot;469777804&quot;:&quot;\uf0b7&quot;,&quot;469777815&quot;:&quot;hybridMultilevel&quot;}\" data-aria-posinset=\"3\" data-aria-level=\"1\"><b><span data-contrast=\"auto\">IP theft<\/span><\/b><span data-contrast=\"auto\">:\u00a0<\/span><span data-contrast=\"auto\">Marketers feed client campaign data into copywriting AIs, or developers\u00a0test\u00a0code snippets in unapproved copilots.\u00a0<\/span><span data-ccp-props=\"{}\">\u00a0<\/span><\/li>\n<\/ul>\n<p><span data-contrast=\"auto\">We&#8217;ve\u00a0seen\u00a0<\/span><span data-contrast=\"auto\">high-profile\u00a0<\/span><span data-contrast=\"auto\">cases\u00a0like\u00a0<\/span><a href=\"https:\/\/www.theverge.com\/2023\/5\/2\/23707796\/samsung-ban-chatgpt-generative-ai-bing-bard-employees-security-concerns\"><span data-contrast=\"none\">Samsung\u00a0<\/span><span data-contrast=\"none\">bann<\/span><span data-contrast=\"none\">ing<\/span><span data-contrast=\"none\">\u00a0ChatGPT<\/span><\/a><span data-contrast=\"auto\">\u00a0after engineers leaked chip designs<\/span><span data-contrast=\"auto\">\u00a0<\/span><span data-contrast=\"auto\">and\u00a0<\/span><a href=\"https:\/\/www.deccanherald.com\/business\/companies\/explained-why-amazon-is-restricting-its-employees-from-using-generative-ai-tools-like-chatgpt-2909975\"><span data-contrast=\"none\">Amazon\u00a0<\/span><span data-contrast=\"none\">restrict<\/span><span data-contrast=\"none\">ing<\/span><span data-contrast=\"none\">\u00a0tools<\/span><\/a><span data-contrast=\"auto\">\u00a0after confidential code went public<\/span><span data-contrast=\"auto\">.\u00a0These\u00a0incidents mirror what smaller clients face daily, with\u00a0<\/span><a href=\"https:\/\/www.techmonitor.ai\/digital-economy\/ai-and-automation\/57-enterprise-employees-input-confidential-data-ai-tools\"><span data-contrast=\"none\">57-68% of employees admitting to inputting sensitive info<\/span><\/a><span data-contrast=\"auto\">\u00a0into personal AI accounts.<\/span><span data-contrast=\"auto\">\u200b<\/span><span data-ccp-props=\"{}\">\u00a0<\/span><\/p>\n<h2 aria-level=\"2\"><span data-contrast=\"none\">The business impact<\/span><span data-ccp-props=\"{&quot;134245418&quot;:true,&quot;134245529&quot;:true,&quot;335559738&quot;:160,&quot;335559739&quot;:80}\">\u00a0<\/span><\/h2>\n<p><span data-contrast=\"auto\">The business fallout\u00a0<\/span><span data-contrast=\"auto\">of shadow AI\u00a0<\/span><span data-contrast=\"auto\">is brutal and hits your clients where it hurts.\u00a0<\/span><span data-contrast=\"auto\">Here\u2019s<\/span><span data-contrast=\"auto\">\u00a0<\/span><span data-contrast=\"auto\">what\u2019s<\/span><span data-contrast=\"auto\">\u00a0at stake:<\/span><span data-ccp-props=\"{}\">\u00a0<\/span><\/p>\n<ul>\n<li aria-setsize=\"-1\" data-leveltext=\"\uf0b7\" data-font=\"Symbol\" data-listid=\"2\" data-list-defn-props=\"{&quot;335552541&quot;:1,&quot;335559685&quot;:720,&quot;335559991&quot;:360,&quot;469769226&quot;:&quot;Symbol&quot;,&quot;469769242&quot;:[8226],&quot;469777803&quot;:&quot;left&quot;,&quot;469777804&quot;:&quot;\uf0b7&quot;,&quot;469777815&quot;:&quot;hybridMultilevel&quot;}\" data-aria-posinset=\"1\" data-aria-level=\"1\"><b><span data-contrast=\"auto\">Data exfiltration<\/span><\/b><span data-contrast=\"auto\">:<\/span><span data-contrast=\"auto\">\u00a0<\/span><span data-contrast=\"auto\">Trade\u00a0<\/span><span data-contrast=\"auto\">s<\/span><span data-contrast=\"auto\">ecrets,\u00a0intellectual property<\/span><span data-contrast=\"auto\">\u00a0or customer PII end up in\u00a0<\/span><span data-contrast=\"auto\">un<\/span><span data-contrast=\"auto\">control<\/span><span data-contrast=\"auto\">led systems<\/span><span data-contrast=\"auto\">, sparking breaches, NDA violations,\u00a0regulatory issues<\/span><span data-contrast=\"auto\">\u00a0or mandatory notifications.<\/span><span data-ccp-props=\"{}\">\u00a0<\/span><\/li>\n<\/ul>\n<ul>\n<li aria-setsize=\"-1\" data-leveltext=\"\uf0b7\" data-font=\"Symbol\" data-listid=\"2\" data-list-defn-props=\"{&quot;335552541&quot;:1,&quot;335559685&quot;:720,&quot;335559991&quot;:360,&quot;469769226&quot;:&quot;Symbol&quot;,&quot;469769242&quot;:[8226],&quot;469777803&quot;:&quot;left&quot;,&quot;469777804&quot;:&quot;\uf0b7&quot;,&quot;469777815&quot;:&quot;hybridMultilevel&quot;}\" data-aria-posinset=\"2\" data-aria-level=\"1\"><b><span data-contrast=\"auto\">Compliance<\/span><\/b><b><span data-contrast=\"auto\">\u00a0failures<\/span><\/b><span data-contrast=\"auto\">:<\/span><span data-contrast=\"auto\">\u00a0<\/span><span data-contrast=\"auto\">GDPR, HIPAA, PCI DSS<\/span><span data-contrast=\"auto\">\u00a0or SOC 2\u00a0<\/span><span data-contrast=\"auto\">requirements crumble\u00a0<\/span><span data-contrast=\"auto\">when you\u00a0<\/span><span data-contrast=\"auto\">can<\/span><span data-contrast=\"auto\">\u2019t<\/span><span data-contrast=\"auto\">\u00a0prove data residency, retention<\/span><span data-contrast=\"auto\">\u00a0or processing standards.\u00a0<\/span><span data-ccp-props=\"{}\">\u00a0<\/span><\/li>\n<\/ul>\n<ul>\n<li aria-setsize=\"-1\" data-leveltext=\"\uf0b7\" data-font=\"Symbol\" data-listid=\"2\" data-list-defn-props=\"{&quot;335552541&quot;:1,&quot;335559685&quot;:720,&quot;335559991&quot;:360,&quot;469769226&quot;:&quot;Symbol&quot;,&quot;469769242&quot;:[8226],&quot;469777803&quot;:&quot;left&quot;,&quot;469777804&quot;:&quot;\uf0b7&quot;,&quot;469777815&quot;:&quot;hybridMultilevel&quot;}\" data-aria-posinset=\"3\" data-aria-level=\"1\"><b><span data-contrast=\"auto\">Audit nightmares<\/span><\/b><span data-contrast=\"auto\">:<\/span><span data-contrast=\"auto\">\u00a0<\/span><span data-contrast=\"auto\">AI-driven decisions,\u00a0like HR hires, sales forecasts<\/span><span data-contrast=\"auto\">\u00a0or vendor picks,\u00a0become\u00a0untraceable\u00a0black boxes, inviting lawsuits or audits with no defense<\/span><span data-ccp-props=\"{}\">\u00a0<\/span><\/li>\n<\/ul>\n<ul>\n<li aria-setsize=\"-1\" data-leveltext=\"\uf0b7\" data-font=\"Symbol\" data-listid=\"2\" data-list-defn-props=\"{&quot;335552541&quot;:1,&quot;335559685&quot;:720,&quot;335559991&quot;:360,&quot;469769226&quot;:&quot;Symbol&quot;,&quot;469769242&quot;:[8226],&quot;469777803&quot;:&quot;left&quot;,&quot;469777804&quot;:&quot;\uf0b7&quot;,&quot;469777815&quot;:&quot;hybridMultilevel&quot;}\" data-aria-posinset=\"4\" data-aria-level=\"1\"><b><span data-contrast=\"auto\">Vendor sprawl<\/span><\/b><span data-contrast=\"auto\">:<\/span><span data-contrast=\"auto\">\u00a0<\/span><span data-contrast=\"auto\">An\u00a0<\/span><span data-contrast=\"auto\">unknown\u00a0<\/span><span data-contrast=\"auto\">ecosystem of\u00a0<\/span><span data-contrast=\"auto\">AI vendors weaken<\/span><span data-contrast=\"auto\">s<\/span><span data-contrast=\"auto\">\u00a0your security posture\u00a0<\/span><span data-contrast=\"auto\">and\u00a0<\/span><span data-contrast=\"auto\">increas<\/span><span data-contrast=\"auto\">es<\/span><span data-contrast=\"auto\">\u00a0risk\u00a0<\/span><span data-contrast=\"auto\">\u00a0<\/span><span data-ccp-props=\"{}\">\u00a0<\/span><\/li>\n<\/ul>\n<ul>\n<li aria-setsize=\"-1\" data-leveltext=\"\uf0b7\" data-font=\"Symbol\" data-listid=\"2\" data-list-defn-props=\"{&quot;335552541&quot;:1,&quot;335559685&quot;:720,&quot;335559991&quot;:360,&quot;469769226&quot;:&quot;Symbol&quot;,&quot;469769242&quot;:[8226],&quot;469777803&quot;:&quot;left&quot;,&quot;469777804&quot;:&quot;\uf0b7&quot;,&quot;469777815&quot;:&quot;hybridMultilevel&quot;}\" data-aria-posinset=\"5\" data-aria-level=\"1\"><b><span data-contrast=\"auto\">Incident response chaos<\/span><\/b><span data-contrast=\"auto\">:<\/span><span data-contrast=\"auto\">\u00a0<\/span><span data-contrast=\"auto\">IT\u00a0<\/span><span data-contrast=\"auto\">can\u2019t<\/span><span data-contrast=\"auto\">\u00a0respond effectively to breaches when they don\u2019t<\/span><span data-contrast=\"auto\">\u00a0even know\u00a0<\/span><span data-contrast=\"auto\">which\u00a0<\/span><span data-contrast=\"auto\">tools<\/span><span data-contrast=\"auto\">\u00a0are in use<\/span><span data-contrast=\"auto\">\u00a0<\/span><span data-ccp-props=\"{}\">\u00a0<\/span><\/li>\n<\/ul>\n<h2><span data-contrast=\"none\">How to help your clients fight back<\/span><\/h2>\n<p><span data-contrast=\"auto\">You can <\/span><span data-contrast=\"auto\">h<\/span><span data-contrast=\"auto\">elp your clients\u00a0<\/span><span data-contrast=\"auto\">take control by implementing<\/span><span data-contrast=\"auto\">\u00a0a rock-solid AI Acceptable Use Policy<\/span><span data-contrast=\"auto\">.<\/span><span data-contrast=\"auto\">\u00a0<\/span><span data-contrast=\"auto\">P<\/span><span data-contrast=\"auto\">osition<\/span><span data-contrast=\"auto\">\u00a0this not just as a rule, but\u00a0<\/span><span data-contrast=\"auto\">as your\u00a0MSP differentiator.\u00a0<\/span><span data-ccp-props=\"{&quot;134233117&quot;:false,&quot;134233118&quot;:false,&quot;201341983&quot;:0,&quot;335551550&quot;:1,&quot;335551620&quot;:1,&quot;335559685&quot;:0,&quot;335559737&quot;:0,&quot;335559738&quot;:0,&quot;335559739&quot;:160,&quot;335559740&quot;:278}\">\u00a0<\/span><\/p>\n<p><span data-contrast=\"auto\">Here\u2019s<\/span><span data-contrast=\"auto\">\u00a0a framework to k<\/span><span data-contrast=\"auto\">eep it simple<\/span><span data-contrast=\"auto\">\u00a0and effective<\/span><span data-contrast=\"auto\">:<\/span><span data-ccp-props=\"{&quot;134233117&quot;:false,&quot;134233118&quot;:false,&quot;201341983&quot;:0,&quot;335551550&quot;:1,&quot;335551620&quot;:1,&quot;335559685&quot;:0,&quot;335559737&quot;:0,&quot;335559738&quot;:0,&quot;335559739&quot;:160,&quot;335559740&quot;:278}\">\u00a0<\/span><\/p>\n<ol>\n<li><b><span data-contrast=\"auto\">Define the terms<\/span><\/b><span data-contrast=\"auto\">:\u00a0<\/span><span data-contrast=\"auto\">Clearly define &#8220;AI tools&#8221; (chatbots, copilots, generators) and &#8220;shadow AI&#8221; as any unapproved use.\u00a0<\/span><span data-ccp-props=\"{}\">\u00a0<\/span><\/li>\n<li aria-setsize=\"-1\" data-leveltext=\"%1.\" data-font=\"Arial\" data-listid=\"4\" data-list-defn-props=\"{&quot;335552541&quot;:0,&quot;335559685&quot;:720,&quot;335559991&quot;:360,&quot;469769242&quot;:[65533,0],&quot;469777803&quot;:&quot;left&quot;,&quot;469777804&quot;:&quot;%1.&quot;,&quot;469777815&quot;:&quot;hybridMultilevel&quot;}\" data-aria-posinset=\"2\" data-aria-level=\"1\"><b><span data-contrast=\"auto\">Classify data<\/span><\/b><span data-contrast=\"auto\">:\u00a0<\/span><span data-contrast=\"auto\">Strictly ban inputting regulated data, secrets, customer info<\/span><span data-contrast=\"auto\"> or\u00a0IP into non-vetted tools.\u00a0\u00a0Only &#8220;public&#8221; data\u00a0should be\u00a0allowed, and even\u00a0then\u00a0through approved channels.<\/span><\/li>\n<li aria-setsize=\"-1\" data-leveltext=\"%1.\" data-font=\"Arial\" data-listid=\"4\" data-list-defn-props=\"{&quot;335552541&quot;:0,&quot;335559685&quot;:720,&quot;335559991&quot;:360,&quot;469769242&quot;:[65533,0],&quot;469777803&quot;:&quot;left&quot;,&quot;469777804&quot;:&quot;%1.&quot;,&quot;469777815&quot;:&quot;hybridMultilevel&quot;}\" data-aria-posinset=\"2\" data-aria-level=\"1\"><b><span data-contrast=\"auto\">Mandate a fast-track approval process<\/span><\/b><b><span data-contrast=\"auto\">:<\/span><\/b><span data-contrast=\"auto\">\u00a0<\/span><span data-contrast=\"auto\">Staff should\u00a0submit\u00a0requests via ticket with\u00a0<\/span><span data-contrast=\"auto\">the\u00a0<\/span><span data-contrast=\"auto\">business\u00a0need, data types<\/span><span data-contrast=\"auto\"> and vendor details.<\/span><\/li>\n<li aria-setsize=\"-1\" data-leveltext=\"%1.\" data-font=\"Arial\" data-listid=\"4\" data-list-defn-props=\"{&quot;335552541&quot;:0,&quot;335559685&quot;:720,&quot;335559991&quot;:360,&quot;469769242&quot;:[65533,0],&quot;469777803&quot;:&quot;left&quot;,&quot;469777804&quot;:&quot;%1.&quot;,&quot;469777815&quot;:&quot;hybridMultilevel&quot;}\" data-aria-posinset=\"2\" data-aria-level=\"1\"><b><span data-contrast=\"auto\">Inventory everything<\/span><\/b><span data-contrast=\"auto\">:\u00a0<\/span><span data-contrast=\"auto\">Centrally inventory all tools as\u00a0<\/span><span data-contrast=\"auto\">a<\/span><span data-contrast=\"auto\">pproved,\u00a0<\/span><span data-contrast=\"auto\">l<\/span><span data-contrast=\"auto\">imited<\/span><span data-contrast=\"auto\">\u00a0or\u00a0<\/span><span data-contrast=\"auto\">b<\/span><span data-contrast=\"auto\">anned with quarterly reviews.<\/span><\/li>\n<li aria-setsize=\"-1\" data-leveltext=\"%1.\" data-font=\"Arial\" data-listid=\"4\" data-list-defn-props=\"{&quot;335552541&quot;:0,&quot;335559685&quot;:720,&quot;335559991&quot;:360,&quot;469769242&quot;:[65533,0],&quot;469777803&quot;:&quot;left&quot;,&quot;469777804&quot;:&quot;%1.&quot;,&quot;469777815&quot;:&quot;hybridMultilevel&quot;}\" data-aria-posinset=\"2\" data-aria-level=\"1\"><b><span data-contrast=\"auto\">Require security checks<\/span><\/b><b><span data-contrast=\"auto\">:\u00a0<\/span><\/b><span data-contrast=\"auto\">Before greenlighting a tool,<\/span><span data-contrast=\"auto\">require\u00a0<\/span><span data-contrast=\"auto\">SOC 2 reports, data processing agreements,\u00a0responsible AI governance<\/span><span data-contrast=\"auto\">\u00a0and sub-processor lists<\/span><span data-contrast=\"auto\">.\u00a0<\/span><span data-ccp-props=\"{}\">\u00a0<\/span><\/li>\n<\/ol>\n<p><span data-contrast=\"auto\">To make this stick,\u00a0<\/span><span data-contrast=\"auto\">a<\/span><span data-contrast=\"auto\">ssign owners<\/span><span data-contrast=\"auto\">: I<\/span><span data-contrast=\"auto\">T for tech, legal for compliance<\/span><span data-contrast=\"auto\">\u00a0<\/span><span data-contrast=\"auto\">and\u00a0<\/span><span data-contrast=\"auto\">business leads for use\u00a0cases<\/span><span data-contrast=\"auto\">.<\/span><span data-contrast=\"auto\">\u00a0<\/span><span data-contrast=\"auto\">R<\/span><span data-contrast=\"auto\">oll out short annual training with real examples of &#8220;bad prompts<\/span><span data-contrast=\"auto\">&#8220;<\/span><span data-contrast=\"auto\">\u00a0<\/span><span data-contrast=\"auto\">so employees understand the risk.<\/span><span data-contrast=\"auto\">\u00a0<\/span><span data-contrast=\"auto\">And finally,\u00a0<\/span><span data-contrast=\"auto\">i<\/span><span data-contrast=\"auto\">nclude monitoring notices and tie violations to existing discipline rules.<\/span><span data-contrast=\"auto\">\u200b<\/span><span data-ccp-props=\"{&quot;335559685&quot;:0}\">\u00a0<\/span><\/p>\n<h2 aria-level=\"2\"><span data-contrast=\"none\">Prevention through browser security<\/span><span data-ccp-props=\"{&quot;134245418&quot;:true,&quot;134245529&quot;:true,&quot;335559738&quot;:160,&quot;335559739&quot;:80}\">\u00a0<\/span><\/h2>\n<p><span data-contrast=\"auto\">Policies are essential, but technical controls are what verify them.\u00a0<\/span><span data-contrast=\"auto\">ean\u00a0heavily\u00a0into browser controls you already\u00a0should be\u00a0managing\u00a0for\u00a0clients.\u00a0<\/span><span data-ccp-props=\"{}\">\u00a0<\/span><\/p>\n<ul>\n<li aria-setsize=\"-1\" data-leveltext=\"\uf0b7\" data-font=\"Symbol\" data-listid=\"5\" data-list-defn-props=\"{&quot;335552541&quot;:1,&quot;335559685&quot;:720,&quot;335559991&quot;:360,&quot;469769226&quot;:&quot;Symbol&quot;,&quot;469769242&quot;:[8226],&quot;469777803&quot;:&quot;left&quot;,&quot;469777804&quot;:&quot;\uf0b7&quot;,&quot;469777815&quot;:&quot;hybridMultilevel&quot;}\" data-aria-posinset=\"1\" data-aria-level=\"1\"><b><span data-contrast=\"auto\">Lock down the browser<\/span><\/b><span data-contrast=\"auto\">:\u00a0<\/span><span data-contrast=\"auto\">Use DNS filtering, content\u00a0filters<\/span><span data-contrast=\"auto\">\u00a0<\/span><span data-contrast=\"auto\">or\u00a0browser security tools (<\/span><span data-contrast=\"auto\">l<\/span><span data-contrast=\"auto\">ike\u00a0<\/span><a href=\"https:\/\/www.sherweb.com\/security\/defensx\"><span data-contrast=\"none\">DefensX<\/span><\/a><span data-contrast=\"auto\">)\u00a0to block public AI domains\u00a0while whitelisting safe ones.\u00a0<\/span><span data-ccp-props=\"{}\">\u00a0<\/span><\/li>\n<\/ul>\n<ul>\n<li aria-setsize=\"-1\" data-leveltext=\"\uf0b7\" data-font=\"Symbol\" data-listid=\"5\" data-list-defn-props=\"{&quot;335552541&quot;:1,&quot;335559685&quot;:720,&quot;335559991&quot;:360,&quot;469769226&quot;:&quot;Symbol&quot;,&quot;469769242&quot;:[8226],&quot;469777803&quot;:&quot;left&quot;,&quot;469777804&quot;:&quot;\uf0b7&quot;,&quot;469777815&quot;:&quot;hybridMultilevel&quot;}\" data-aria-posinset=\"2\" data-aria-level=\"1\"><b><span data-contrast=\"auto\">Create security baselines<\/span><\/b><span data-contrast=\"auto\">:\u00a0<\/span><span data-contrast=\"auto\">Lock browsers<\/span><span data-contrast=\"auto\">\u00a0to\u00a0managed\u00a0profiles\u00a0and security configurations<\/span><span data-contrast=\"auto\">.<\/span><span data-ccp-props=\"{}\">\u00a0<\/span><\/li>\n<\/ul>\n<ul>\n<li aria-setsize=\"-1\" data-leveltext=\"\uf0b7\" data-font=\"Symbol\" data-listid=\"5\" data-list-defn-props=\"{&quot;335552541&quot;:1,&quot;335559685&quot;:720,&quot;335559991&quot;:360,&quot;469769226&quot;:&quot;Symbol&quot;,&quot;469769242&quot;:[8226],&quot;469777803&quot;:&quot;left&quot;,&quot;469777804&quot;:&quot;\uf0b7&quot;,&quot;469777815&quot;:&quot;hybridMultilevel&quot;}\" data-aria-posinset=\"3\" data-aria-level=\"1\"><b><span data-contrast=\"auto\">A<\/span><\/b><b><span data-contrast=\"auto\">u<\/span><\/b><b><span data-contrast=\"auto\">dit and zap<\/span><\/b><span data-contrast=\"auto\">: Au<\/span><span data-contrast=\"auto\">dit fleets weekly to spot new AI add-ons and\u00a0<\/span><span data-contrast=\"auto\">remove\u00a0<\/span><span data-contrast=\"auto\">them<\/span><span data-contrast=\"auto\">\u00a0<\/span><span data-contrast=\"auto\">immediately<\/span><span data-contrast=\"auto\">.\u00a0<\/span><span data-ccp-props=\"{&quot;134233117&quot;:false,&quot;134233118&quot;:false,&quot;201341983&quot;:0,&quot;335551550&quot;:1,&quot;335551620&quot;:1,&quot;335559685&quot;:720,&quot;335559737&quot;:0,&quot;335559738&quot;:0,&quot;335559739&quot;:160,&quot;335559740&quot;:278,&quot;335559991&quot;:360}\">\u00a0<\/span><\/li>\n<\/ul>\n<ul>\n<li aria-setsize=\"-1\" data-leveltext=\"\uf0b7\" data-font=\"Symbol\" data-listid=\"5\" data-list-defn-props=\"{&quot;335552541&quot;:1,&quot;335559685&quot;:720,&quot;335559991&quot;:360,&quot;469769226&quot;:&quot;Symbol&quot;,&quot;469769242&quot;:[8226],&quot;469777803&quot;:&quot;left&quot;,&quot;469777804&quot;:&quot;\uf0b7&quot;,&quot;469777815&quot;:&quot;hybridMultilevel&quot;}\" data-aria-posinset=\"4\" data-aria-level=\"1\"><b><span data-contrast=\"auto\">Deploy DLP<\/span><\/b><b><span data-contrast=\"auto\">:\u00a0<\/span><\/b><span data-contrast=\"auto\">Use DLP<\/span><span data-contrast=\"auto\">\u00a0or CASB to scan uploads and halt sensitive patterns (PII, code, contracts) heading to AI sites.\u00a0<\/span><span data-ccp-props=\"{&quot;134233117&quot;:false,&quot;134233118&quot;:false,&quot;201341983&quot;:0,&quot;335551550&quot;:1,&quot;335551620&quot;:1,&quot;335559685&quot;:720,&quot;335559737&quot;:0,&quot;335559738&quot;:0,&quot;335559739&quot;:160,&quot;335559740&quot;:278,&quot;335559991&quot;:360}\">\u00a0<\/span><\/li>\n<\/ul>\n<ul>\n<li aria-setsize=\"-1\" data-leveltext=\"\uf0b7\" data-font=\"Symbol\" data-listid=\"5\" data-list-defn-props=\"{&quot;335552541&quot;:1,&quot;335559685&quot;:720,&quot;335559991&quot;:360,&quot;469769226&quot;:&quot;Symbol&quot;,&quot;469769242&quot;:[8226],&quot;469777803&quot;:&quot;left&quot;,&quot;469777804&quot;:&quot;\uf0b7&quot;,&quot;469777815&quot;:&quot;hybridMultilevel&quot;}\" data-aria-posinset=\"5\" data-aria-level=\"1\"><b><span data-contrast=\"auto\">SSO + MFA<\/span><\/b><span data-contrast=\"auto\">:\u00a0<\/span><span data-contrast=\"auto\">Enforce SSO\u00a0<\/span><span data-contrast=\"auto\">and<\/span><span data-contrast=\"auto\">\u00a0MFA for approved tools only, and pipe logs from proxies, EDR<\/span><span data-contrast=\"auto\">\u00a0and browsers into one dashboard to flag anomalies like sudden AI traffic spikes.\u00a0<\/span><span data-ccp-props=\"{&quot;134233117&quot;:false,&quot;134233118&quot;:false,&quot;201341983&quot;:0,&quot;335551550&quot;:1,&quot;335551620&quot;:1,&quot;335559685&quot;:720,&quot;335559737&quot;:0,&quot;335559738&quot;:0,&quot;335559739&quot;:160,&quot;335559740&quot;:278,&quot;335559991&quot;:360}\">\u00a0<\/span><\/li>\n<\/ul>\n<p><span data-contrast=\"auto\">To avoid pushback, provide alternatives\u00a0like\u00a0enterprise AI in M365, governed IDE copilots<\/span><span data-contrast=\"auto\">\u00a0or\u00a0custom workflows that deliver the speed without the risk.<\/span><span data-contrast=\"auto\">\u200b<\/span><span data-ccp-props=\"{&quot;134233117&quot;:false,&quot;134233118&quot;:false,&quot;201341983&quot;:0,&quot;335551550&quot;:1,&quot;335551620&quot;:1,&quot;335559685&quot;:0,&quot;335559737&quot;:0,&quot;335559738&quot;:0,&quot;335559739&quot;:160,&quot;335559740&quot;:278,&quot;335559991&quot;:0}\">\u00a0<\/span><\/p>\n<h2 aria-level=\"2\"><span data-contrast=\"none\">Turn a liability into an opportunity<\/span><span data-ccp-props=\"{&quot;134245418&quot;:true,&quot;134245529&quot;:true,&quot;335559738&quot;:160,&quot;335559739&quot;:80}\">\u00a0<\/span><\/h2>\n<p><span data-contrast=\"auto\">As\u00a0<\/span><span data-contrast=\"auto\">an\u00a0<\/span><span data-contrast=\"auto\">MSP,\u00a0<\/span><span data-contrast=\"auto\">you must\u00a0<\/span><span data-contrast=\"auto\">own this space<\/span><span data-contrast=\"auto\">.<\/span><span data-contrast=\"auto\">\u00a0<\/span><span data-contrast=\"auto\">C<\/span><span data-contrast=\"auto\">raft policies, deploy controls, run\u00a0trainings<\/span><span data-contrast=\"auto\">\u00a0and\u00a0report on\u00a0shadow AI trends monthly.\u00a0<\/span><span data-contrast=\"auto\">You can\u00a0<\/span><span data-contrast=\"auto\">t<\/span><span data-contrast=\"auto\">urn\u00a0a lurking\u00a0liability into a revenue strea<\/span><span data-contrast=\"auto\">m by s<\/span><span data-contrast=\"auto\">ecur<\/span><span data-contrast=\"auto\">ing<\/span><span data-contrast=\"auto\">\u00a0AI governance as a managed service<\/span><span data-contrast=\"auto\">.<\/span><span data-contrast=\"auto\">\u00a0This<\/span><span data-contrast=\"auto\">\u00a0protects data, nails compliance<\/span><span data-contrast=\"auto\">\u00a0and lets clients innovate safely. Your clients win big, and you become their go-to AI security partner<\/span><span data-contrast=\"auto\">.<\/span><span data-ccp-props=\"{&quot;134233117&quot;:false,&quot;134233118&quot;:false,&quot;201341983&quot;:0,&quot;335551550&quot;:1,&quot;335551620&quot;:1,&quot;335559685&quot;:0,&quot;335559737&quot;:0,&quot;335559738&quot;:0,&quot;335559739&quot;:160,&quot;335559740&quot;:278}\">\u00a0<\/span><\/p>\n<p><span data-contrast=\"auto\">Shadow AI\u00a0<\/span><span data-contrast=\"auto\">isn&#8217;t<\/span><span data-contrast=\"auto\">\u00a0going away. Your clients&#8217; employees will keep using these tools because\u00a0<\/span><span data-contrast=\"auto\">they&#8217;re<\/span><span data-contrast=\"auto\">\u00a0fast,\u00a0<\/span><span data-contrast=\"auto\">helpful<\/span><span data-contrast=\"auto\">\u00a0and easy to access. The question\u00a0<\/span><span data-contrast=\"auto\">now is\u00a0<\/span><span data-contrast=\"auto\">whether\u00a0<\/span><span data-contrast=\"auto\">you\u2019ll<\/span><span data-contrast=\"auto\">\u00a0help them use\u00a0<\/span><span data-contrast=\"auto\">AI<\/span><span data-contrast=\"auto\"> safely. By stepping in with clear policies, smart <\/span><span data-contrast=\"auto\">controls<\/span><span data-contrast=\"auto\"> and ongoing education, you turn a hidden risk into a competitive advantage.<\/span><span data-ccp-props=\"{&quot;134233117&quot;:false,&quot;134233118&quot;:false,&quot;335551550&quot;:1,&quot;335551620&quot;:1,&quot;335559738&quot;:240,&quot;335559739&quot;:240}\">\u00a0<\/span><\/p>\n<p><span data-contrast=\"auto\">Don&#8217;t<\/span><span data-contrast=\"auto\">\u00a0let shadow AI catch your clients off guard. Start the conversation today.<\/span><span data-ccp-props=\"{&quot;134233117&quot;:false,&quot;134233118&quot;:false,&quot;335551550&quot;:1,&quot;335551620&quot;:1,&quot;335559738&quot;:240,&quot;335559739&quot;:240}\">\u00a0<\/span><\/p>\n<h2 aria-level=\"2\"><span data-contrast=\"none\">Want<\/span><span data-contrast=\"none\">\u00a0to discuss AI governance strategies with\u00a0<\/span><span data-contrast=\"none\">other MSPs<\/span><span data-contrast=\"none\">?<\/span><span data-ccp-props=\"{&quot;134233117&quot;:false,&quot;134233118&quot;:false,&quot;134245418&quot;:true,&quot;134245529&quot;:true,&quot;201341983&quot;:0,&quot;335551550&quot;:1,&quot;335551620&quot;:1,&quot;335559685&quot;:0,&quot;335559737&quot;:0,&quot;335559738&quot;:160,&quot;335559739&quot;:80,&quot;335559740&quot;:278}\">\u00a0<\/span><\/h2>\n<p><span data-contrast=\"auto\">Join\u00a0<\/span><span data-contrast=\"auto\">the\u00a0<\/span><a href=\"https:\/\/info.sherweb.com\/cybermsp-community\"><span data-contrast=\"none\">CyberMSP Community<\/span><\/a><span data-contrast=\"auto\">\u00a0to\u00a0share insights<\/span><span data-contrast=\"auto\">\u00a0<\/span><span data-contrast=\"auto\">and best practices for securing the modern\u00a0<\/span><span data-contrast=\"auto\">AI\u00a0<\/span><span data-contrast=\"auto\">landscape.<\/span><span data-ccp-props=\"{}\">\u00a0<\/span><\/p>\n","protected":false},"excerpt":{"rendered":"<p>You might have firewalls and\u00a0discovery\u00a0scans in place, but a new kind of risk is slipping right","protected":false},"author":188,"featured_media":25845,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[1151,1156,1163,753],"tags":[919,1071,1131,1200],"class_list":["post-25844","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-ai-perspectives","category-sherweb-perspectives","category-human-risk-awareness","category-security","tag-cybersecurity","tag-ai","tag-browser-security-for-msps","tag-shadow-ai"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.3 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>Shadow AI: Risks, real-world examples and MSP solutions | Sherweb<\/title>\n<meta name=\"description\" content=\"70% of employees use unapproved AI tools. Learn how MSPs can spot shadow AI, prevent data leaks and build effective governance policies.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.sherweb.com\/blog\/security\/shadow-ai-risk-browsers\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Shadow AI: Risks, real-world examples and MSP solutions | Sherweb\" \/>\n<meta property=\"og:description\" content=\"70% of employees use unapproved AI tools. Learn how MSPs can spot shadow AI, prevent data leaks and build effective governance policies.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.sherweb.com\/blog\/security\/shadow-ai-risk-browsers\/\" \/>\n<meta property=\"og:site_name\" content=\"Sherweb\" \/>\n<meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/Sherweb\" \/>\n<meta property=\"article:published_time\" content=\"2026-02-19T15:41:17+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2026-02-19T15:42:43+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.sherweb.com\/blog\/wp-content\/uploads\/Hero_1200x480-4.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"1800\" \/>\n\t<meta property=\"og:image:height\" content=\"720\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"Roddy Bergeron\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@SherWeb\" \/>\n<meta name=\"twitter:site\" content=\"@SherWeb\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Roddy Bergeron\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"5 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/www.sherweb.com\\\/blog\\\/security\\\/shadow-ai-risk-browsers\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.sherweb.com\\\/blog\\\/security\\\/shadow-ai-risk-browsers\\\/\"},\"author\":{\"name\":\"Roddy Bergeron\",\"@id\":\"https:\\\/\\\/www.sherweb.com\\\/blog\\\/#\\\/schema\\\/person\\\/f6a0c8e1d541dbeb57fd3e025b325795\"},\"headline\":\"Shadow AI: The hidden security risk in your clients&#8217; browsers\",\"datePublished\":\"2026-02-19T15:41:17+00:00\",\"dateModified\":\"2026-02-19T15:42:43+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/www.sherweb.com\\\/blog\\\/security\\\/shadow-ai-risk-browsers\\\/\"},\"wordCount\":939,\"commentCount\":0,\"image\":{\"@id\":\"https:\\\/\\\/www.sherweb.com\\\/blog\\\/security\\\/shadow-ai-risk-browsers\\\/#primaryimage\"},\"thumbnailUrl\":\"\\\/blog\\\/wp-content\\\/uploads\\\/Hero_1200x480-4.jpg\",\"keywords\":[\"Cybersecurity\",\"AI\",\"browser security for MSPs\",\"Shadow AI\"],\"articleSection\":[\"AI Perspectives\",\"Sherweb Perspectives\",\"Human Risk &amp; Awareness\",\"Security\"],\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\\\/\\\/www.sherweb.com\\\/blog\\\/security\\\/shadow-ai-risk-browsers\\\/#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/www.sherweb.com\\\/blog\\\/security\\\/shadow-ai-risk-browsers\\\/\",\"url\":\"https:\\\/\\\/www.sherweb.com\\\/blog\\\/security\\\/shadow-ai-risk-browsers\\\/\",\"name\":\"Shadow AI: Risks, real-world examples and MSP solutions | Sherweb\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.sherweb.com\\\/blog\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/www.sherweb.com\\\/blog\\\/security\\\/shadow-ai-risk-browsers\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/www.sherweb.com\\\/blog\\\/security\\\/shadow-ai-risk-browsers\\\/#primaryimage\"},\"thumbnailUrl\":\"\\\/blog\\\/wp-content\\\/uploads\\\/Hero_1200x480-4.jpg\",\"datePublished\":\"2026-02-19T15:41:17+00:00\",\"dateModified\":\"2026-02-19T15:42:43+00:00\",\"author\":{\"@id\":\"https:\\\/\\\/www.sherweb.com\\\/blog\\\/#\\\/schema\\\/person\\\/f6a0c8e1d541dbeb57fd3e025b325795\"},\"description\":\"70% of employees use unapproved AI tools. Learn how MSPs can spot shadow AI, prevent data leaks and build effective governance policies.\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/www.sherweb.com\\\/blog\\\/security\\\/shadow-ai-risk-browsers\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/www.sherweb.com\\\/blog\\\/security\\\/shadow-ai-risk-browsers\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.sherweb.com\\\/blog\\\/security\\\/shadow-ai-risk-browsers\\\/#primaryimage\",\"url\":\"\\\/blog\\\/wp-content\\\/uploads\\\/Hero_1200x480-4.jpg\",\"contentUrl\":\"\\\/blog\\\/wp-content\\\/uploads\\\/Hero_1200x480-4.jpg\",\"width\":1800,\"height\":720,\"caption\":\"Shadow AI: Risks, real-world examples and MSP solutions\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/www.sherweb.com\\\/blog\\\/security\\\/shadow-ai-risk-browsers\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/www.sherweb.com\\\/blog\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Sherweb Perspectives\",\"item\":\"https:\\\/\\\/www.sherweb.com\\\/blog\\\/category\\\/sherweb-perspectives\\\/\"},{\"@type\":\"ListItem\",\"position\":3,\"name\":\"AI Perspectives\",\"item\":\"https:\\\/\\\/www.sherweb.com\\\/blog\\\/category\\\/sherweb-perspectives\\\/ai-perspectives\\\/\"},{\"@type\":\"ListItem\",\"position\":4,\"name\":\"Shadow AI: The hidden security risk in your clients&#8217; browsers\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/www.sherweb.com\\\/blog\\\/#website\",\"url\":\"https:\\\/\\\/www.sherweb.com\\\/blog\\\/\",\"name\":\"Sherweb\",\"description\":\"More than a cloud marketplace\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/www.sherweb.com\\\/blog\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/www.sherweb.com\\\/blog\\\/#\\\/schema\\\/person\\\/f6a0c8e1d541dbeb57fd3e025b325795\",\"name\":\"Roddy Bergeron\",\"description\":\"Roddy Bergeron's career has taken various paths including government auditing, nonprofit work, public\\\/private partnerships with the State of Louisiana, helping build an MSP by building their managed service, managed security, vCISO and compliance programs, and now as the Cybersecurity Technical Fellow with Sherweb. Roddy has obtained many certifications over the years including his MCSE, CCNA:Security, CEH, CCSP, CISSP and CSAP. Our MSP community is extremely important to Roddy and he loves giving back to the community that has helped him out so much over the years. Roddy hopes to continue to help other MSPs succeed and raise the cybersecurity tide for our industry.\",\"sameAs\":[\"https:\\\/\\\/www.linkedin.com\\\/in\\\/roddy-bergeron-cissp-ccsp-csap-33432573\\\/\"],\"url\":\"https:\\\/\\\/www.sherweb.com\\\/blog\\\/author\\\/roddy-bergeron\\\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Shadow AI: Risks, real-world examples and MSP solutions | Sherweb","description":"70% of employees use unapproved AI tools. Learn how MSPs can spot shadow AI, prevent data leaks and build effective governance policies.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.sherweb.com\/blog\/security\/shadow-ai-risk-browsers\/","og_locale":"en_US","og_type":"article","og_title":"Shadow AI: Risks, real-world examples and MSP solutions | Sherweb","og_description":"70% of employees use unapproved AI tools. Learn how MSPs can spot shadow AI, prevent data leaks and build effective governance policies.","og_url":"https:\/\/www.sherweb.com\/blog\/security\/shadow-ai-risk-browsers\/","og_site_name":"Sherweb","article_publisher":"https:\/\/www.facebook.com\/Sherweb","article_published_time":"2026-02-19T15:41:17+00:00","article_modified_time":"2026-02-19T15:42:43+00:00","og_image":[{"width":1800,"height":720,"url":"https:\/\/www.sherweb.com\/blog\/wp-content\/uploads\/Hero_1200x480-4.jpg","type":"image\/jpeg"}],"author":"Roddy Bergeron","twitter_card":"summary_large_image","twitter_creator":"@SherWeb","twitter_site":"@SherWeb","twitter_misc":{"Written by":"Roddy Bergeron","Est. reading time":"5 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.sherweb.com\/blog\/security\/shadow-ai-risk-browsers\/#article","isPartOf":{"@id":"https:\/\/www.sherweb.com\/blog\/security\/shadow-ai-risk-browsers\/"},"author":{"name":"Roddy Bergeron","@id":"https:\/\/www.sherweb.com\/blog\/#\/schema\/person\/f6a0c8e1d541dbeb57fd3e025b325795"},"headline":"Shadow AI: The hidden security risk in your clients&#8217; browsers","datePublished":"2026-02-19T15:41:17+00:00","dateModified":"2026-02-19T15:42:43+00:00","mainEntityOfPage":{"@id":"https:\/\/www.sherweb.com\/blog\/security\/shadow-ai-risk-browsers\/"},"wordCount":939,"commentCount":0,"image":{"@id":"https:\/\/www.sherweb.com\/blog\/security\/shadow-ai-risk-browsers\/#primaryimage"},"thumbnailUrl":"\/blog\/wp-content\/uploads\/Hero_1200x480-4.jpg","keywords":["Cybersecurity","AI","browser security for MSPs","Shadow AI"],"articleSection":["AI Perspectives","Sherweb Perspectives","Human Risk &amp; Awareness","Security"],"inLanguage":"en-US","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/www.sherweb.com\/blog\/security\/shadow-ai-risk-browsers\/#respond"]}]},{"@type":"WebPage","@id":"https:\/\/www.sherweb.com\/blog\/security\/shadow-ai-risk-browsers\/","url":"https:\/\/www.sherweb.com\/blog\/security\/shadow-ai-risk-browsers\/","name":"Shadow AI: Risks, real-world examples and MSP solutions | Sherweb","isPartOf":{"@id":"https:\/\/www.sherweb.com\/blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.sherweb.com\/blog\/security\/shadow-ai-risk-browsers\/#primaryimage"},"image":{"@id":"https:\/\/www.sherweb.com\/blog\/security\/shadow-ai-risk-browsers\/#primaryimage"},"thumbnailUrl":"\/blog\/wp-content\/uploads\/Hero_1200x480-4.jpg","datePublished":"2026-02-19T15:41:17+00:00","dateModified":"2026-02-19T15:42:43+00:00","author":{"@id":"https:\/\/www.sherweb.com\/blog\/#\/schema\/person\/f6a0c8e1d541dbeb57fd3e025b325795"},"description":"70% of employees use unapproved AI tools. Learn how MSPs can spot shadow AI, prevent data leaks and build effective governance policies.","breadcrumb":{"@id":"https:\/\/www.sherweb.com\/blog\/security\/shadow-ai-risk-browsers\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.sherweb.com\/blog\/security\/shadow-ai-risk-browsers\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.sherweb.com\/blog\/security\/shadow-ai-risk-browsers\/#primaryimage","url":"\/blog\/wp-content\/uploads\/Hero_1200x480-4.jpg","contentUrl":"\/blog\/wp-content\/uploads\/Hero_1200x480-4.jpg","width":1800,"height":720,"caption":"Shadow AI: Risks, real-world examples and MSP solutions"},{"@type":"BreadcrumbList","@id":"https:\/\/www.sherweb.com\/blog\/security\/shadow-ai-risk-browsers\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.sherweb.com\/blog\/"},{"@type":"ListItem","position":2,"name":"Sherweb Perspectives","item":"https:\/\/www.sherweb.com\/blog\/category\/sherweb-perspectives\/"},{"@type":"ListItem","position":3,"name":"AI Perspectives","item":"https:\/\/www.sherweb.com\/blog\/category\/sherweb-perspectives\/ai-perspectives\/"},{"@type":"ListItem","position":4,"name":"Shadow AI: The hidden security risk in your clients&#8217; browsers"}]},{"@type":"WebSite","@id":"https:\/\/www.sherweb.com\/blog\/#website","url":"https:\/\/www.sherweb.com\/blog\/","name":"Sherweb","description":"More than a cloud marketplace","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.sherweb.com\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Person","@id":"https:\/\/www.sherweb.com\/blog\/#\/schema\/person\/f6a0c8e1d541dbeb57fd3e025b325795","name":"Roddy Bergeron","description":"Roddy Bergeron's career has taken various paths including government auditing, nonprofit work, public\/private partnerships with the State of Louisiana, helping build an MSP by building their managed service, managed security, vCISO and compliance programs, and now as the Cybersecurity Technical Fellow with Sherweb. Roddy has obtained many certifications over the years including his MCSE, CCNA:Security, CEH, CCSP, CISSP and CSAP. Our MSP community is extremely important to Roddy and he loves giving back to the community that has helped him out so much over the years. Roddy hopes to continue to help other MSPs succeed and raise the cybersecurity tide for our industry.","sameAs":["https:\/\/www.linkedin.com\/in\/roddy-bergeron-cissp-ccsp-csap-33432573\/"],"url":"https:\/\/www.sherweb.com\/blog\/author\/roddy-bergeron\/"}]}},"tag_names":["Cybersecurity","AI","browser security for MSPs","Shadow AI"],"_links":{"self":[{"href":"https:\/\/www.sherweb.com\/blog\/wp-json\/wp\/v2\/posts\/25844","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.sherweb.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.sherweb.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.sherweb.com\/blog\/wp-json\/wp\/v2\/users\/188"}],"replies":[{"embeddable":true,"href":"https:\/\/www.sherweb.com\/blog\/wp-json\/wp\/v2\/comments?post=25844"}],"version-history":[{"count":1,"href":"https:\/\/www.sherweb.com\/blog\/wp-json\/wp\/v2\/posts\/25844\/revisions"}],"predecessor-version":[{"id":25846,"href":"https:\/\/www.sherweb.com\/blog\/wp-json\/wp\/v2\/posts\/25844\/revisions\/25846"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.sherweb.com\/blog\/wp-json\/wp\/v2\/media\/25845"}],"wp:attachment":[{"href":"https:\/\/www.sherweb.com\/blog\/wp-json\/wp\/v2\/media?parent=25844"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.sherweb.com\/blog\/wp-json\/wp\/v2\/categories?post=25844"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.sherweb.com\/blog\/wp-json\/wp\/v2\/tags?post=25844"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}