The shadow AI policy that works has three parts: provide approved tools good enough that workarounds feel pointless, offer amnesty so people disclose what they already use, and publish data rules that say what can go where, in one page. Bans don't stop shadow AI; they stop you from seeing it.
Why bans fail
An employee using an unapproved AI tool is saving hours on real work. A ban asks them to give those hours back and offers nothing in return, so they switch to a personal device and you lose the one thing that mattered: visibility. Every blocked tool with no alternative is a policy that trains people to hide.
- The workaround is always available: personal accounts, personal devices.
- Enforcement is invisible: you can't detect paste operations into a browser.
- The incentive is asymmetric: hours saved daily versus a rule read once.
- The real casualty is reporting, nobody discloses usage of a banned tool.
The three-part policy
- 1Paved road: an approved AI toolset (with SSO, logging and data controls) that covers the top use cases, drafting, summarizing, coding, search, and is at least as good as the shadow tools. Speed of approval for new tools is part of the road.
- 2Amnesty and disclosure: a standing, blame-free channel to declare 'I use X for Y.' The declared list becomes your shadow AI inventory, and your roadmap for what to approve next.
- 3Data rules, one page: public data anywhere; internal data in approved tools only; customer, personal and regulated data only where a data agreement exists. Three sentences people remember beat forty pages they don't read.
Rolling it out without drama
- Announce the paved road and the amnesty together, alternative first, rules second.
- Approve the top three disclosed tools fast, or explain why not, responsiveness is the policy's credibility.
- Review the inventory quarterly in the AI operating review.
- Reserve consequences for knowing data violations after clear rules, not for having used a tool before the rules existed.