It’s bad enough when an employee goes rogue and does an end-run around IT; but when a vendor does something similar, the problems could be broadly worse.

The many IT risks associated with Shadow IT — and especially Shadow AI and Shadow IoT — are well-known and understandably well-feared. But there is a new form of Shadow IT on the horizon: “Sneaky IT.”

Shadow IT involves an end-user who bypasses IT and the enterprise security people and whips out a payment card to secure services elsewhere. That delivers a variety of unknown threats into the enterprise environment. But what happens when a trusted vendor adds new elements to its service — especially if it’s SaaS — and never mentions it? That poses a similar risk; both cases come down to environment visibility or, in the case of Sneaky IT, the absence of visibility.

This has the potential to cause major compliance problems as well as data-control problems. When a regulator asks how an enterprise is using generative AI (genAI) and for what, a CIO needs to be able to answer that completely, truthfully and honestly. Sneaky IT makes that all but impossible.

One of my favorite examples of Sneaky IT came in the form of Sneaky IoT. It was several years ago and involved a large midwestern manufacturing company. It had been using a handful of highly specialized suppliers for massive pieces of equipment to run the assembly line — and it knew the machines intimately. Then the vendor decided to install a bunch of microphones in the machines to help predict repair problems before they happened. (Given that it was leveraging IoT mics and machine learning to do the audio analysis, I suppose it was both sneaky IoT as well as sneaky AI.) One day, there was a malfunction. While waiting for the vendor’s repair crew to arrive, some of the assembly line workers tried dismantling the machines and discovered the microphones.
The assembly line manager was livid that the vendor never informed — let alone asked — before installing what he saw as spy devices in his environment.

GenAI tools are being snuck into products at a far greater pace. To be fair, vendors are generally announcing that they are now using AI — especially when they are indeed not using it. But they are rarely sufficiently specific for an enterprise IT team to make an informed decision. And it’s certainly not specific enough to answer the questions of any regulator.

From the perspective of IT, the difference between Shadow AI and Sneaky AI is vast. IT can demand that employees and contractors not use unauthorized systems, but IT management has neither the tools nor the time to investigate Shadow abuses. Candidly, if an employee grabs their phone, accesses ChatGPT and then uses that answer in their document, how could anyone in IT possibly know?

But Sneaky AI involves vendors IT is paying. Although IT can imply a threat for employees to be fired if they engage in Shadow AI, few employees believe that threat. If, however, a vendor gets the enterprise into compliance trouble because they didn’t deliver on all contractual disclosures and other obligations, the fear of not being renewed (and maybe getting sued) is quite real.

I have heard a wide range of vendors describe this Sneaky AI problem, but they label it Shadow IT. Beyond the clear definitional issue, by falsely lumping the two together, vendors are making it more difficult to find a way to fix it.

Maybe doing so is already beyond scope, but let’s at least try to minimize the nightmare slightly. The possibility of Sneaky IT should be directly addressed in vendor contracts. The goal is to get enterprise IT decision-makers back to a place where they know what they are buying and installing in their systems. That means going well beyond notification and demanding early notification and seeking permission.
No, this isn’t suggesting a major SaaS vendor will wait until all of its customers give their permission before rolling out a new capability. But enterprise IT has the right to opt out and say, in essence, “This isn’t what we bought. And it’s absolutely not what we want and we have no intention of paying for it.”

From a contract position, the vendor must give advance notice (six months, a year?) of any material change in capabilities or methods. If the customer doesn’t want it, they must be able to get out of their current agreement with no financial penalty. If they signed a five-year contract and paid in advance for a discount and only one year has passed, they should be given a full refund of the remaining term.

As a practical matter, enterprises might get a lot of resistance adding such terms for license deals already in effect. But it is a reasonable ask, since it’s not IT that’s changed the terms of the arrangement. IT bought XYZ and the vendor decided to change it. The vendor broke the deal.

The simple solution is to immediately add such requirements to every RFP. If a vendor wants to bid for your business, they have to agree to this provision before the negotiations begin.