Report: AI Is Accelerating 'Shadow IT' and SaaS Sprawl
A new benchmark report from Torii finds that the proliferation of AI tools is expanding, not consolidating, corporate software usage. The study indicates that AI is accelerating SaaS sprawl, with an estimated 61% of applications being unmanaged "shadow IT." This trend is reportedly increasing governance and security risks for enterprises.
- "Shadow IT" refers to any software, hardware, or IT resource used on a company network without the knowledge or oversight of the IT department. It often arises when employees seek more efficient tools or try to bypass slow internal approval processes. - The average enterprise now utilizes over 830 applications, with large enterprises averaging 2,191. Of all discovered applications, only 15.5% are formally sanctioned by IT departments. - SaaS sprawl, the uncontrolled proliferation of cloud-based applications, leads to redundant tools, wasted spending on unused licenses, and data silos that hinder collaboration. One common consequence is "data sprawl," where decentralized and duplicated data across various platforms creates security risks and reporting difficulties. - Unvetted applications that constitute shadow IT often lack proper security controls, such as data encryption and robust access management, increasing the risk of data breaches. Failure to manage SaaS lifecycles can make an organization five times more susceptible to such security incidents. - While AI-powered tools are accelerating engineering team velocity, a 2026 benchmark report found that this speed comes at a cost. Incidents per pull request have increased by 23.5%, and change failure rates are up by approximately 30%. - To regain control, experts recommend implementing SaaS Management Platforms (SMPs) to discover all applications in use, including shadow IT. These platforms provide centralized visibility to track usage, manage licenses, and identify security risks. - The rise of shadow IT is pushing organizations to adopt new governance roles, with 90% of companies now having a Chief Data Officer (CDO). A newer role, the Chief AI Officer (CAIO), is also emerging to formalize accountability for AI systems, with 38.5% of organizations reporting an equivalent position. - Employees often turn to shadow IT because they are unaware of existing, approved tools that could meet their needs. Improving internal communication and featuring available applications on a centralized platform can help reduce the use of unsanctioned software.
