AI Expands 'Shadow IT' in Enterprises
A 2026 benchmark report from Torii finds that AI adoption is accelerating SaaS sprawl rather than consolidating it. The report indicates that 61% of AI applications in enterprises are unmanaged 'shadow IT,' increasing governance and security risks.
- Shadow IT refers to any software, hardware, or IT resource used on an enterprise network without the IT department's knowledge or oversight; according to Cisco, 80% of employees use shadow IT. The primary drivers are often the ease of access to SaaS solutions and the perception that they offer better functionality than company-approved tools. - The proliferation of unmanaged software, known as SaaS sprawl, is a significant challenge, with 51% of mid-market organizations reporting they have between 100-300 different SaaS tools in their tech stack. Research from 2025 found that 41% of these organizations are adding new SaaS applications every one to three weeks. - Unvetted applications create significant security vulnerabilities, with 74% of endpoints having at least one critical vulnerability. These security gaps can lead to data breaches and non-compliance with regulations like GDPR and HIPAA, potentially resulting in large fines and legal action. - The financial impact of unmanaged software is substantial, as organizations typically overspend by an average of 25-30% on unused or underutilized IT assets. A lack of visibility is a key factor, with IT departments often only being aware of about 60% of the SaaS tools in use across the company. - The adoption of generative AI tools by employees is a growing contributor to shadow IT, with one 2025 report finding that 15% of employees routinely use unsanctioned generative AI applications on corporate devices. - To regain control, companies are turning to SaaS Management Platforms (SMPs) like BetterCloud, Lumos, and Zluri. These platforms are designed to discover all applications in use, including shadow IT, to manage user access, optimize software spending, and enforce security policies. - Key features of modern SMPs include automated discovery of all cloud apps, risk assessments of unauthorized tools, and automated workflows for employee onboarding and offboarding to manage access permissions. - The market for AI-powered SaaS is expected to grow significantly, with one projection estimating a compound annual growth rate of 38.28%, reaching $775.44 billion by 2031. This growth suggests that the challenge of managing AI-driven shadow IT will become increasingly critical for enterprises.
