Overview
- 1Password’s 2025 survey of 5,200 knowledge workers found 27% used unapproved AI tools and 37% do not always follow company AI policies, even as 73% say their employers encourage experimentation.
- The report ranks unauthorized AI as the No. 2 shadow IT category after email, with convenience and perceived productivity gains cited as primary reasons for bypassing approvals.
- Employees reported using AI for tasks ranging from summarizing customer calls to analyzing company and customer data and assisting with hiring process reviews, broadening the potential exposure of sensitive information.
- Security leaders warn that generative tools and autonomous agents heighten risks by potentially ingesting confidential data and taking actions that can lead to compliance, legal, or reputational harm.
- Recommended responses include maintaining an inventory of AI tools, enforcing clear policies and data-access controls, adopting federated oversight with licensed agent builders, and offering enterprise deployments and internal marketplaces so agents operate under user permissions.