From shadow AI to governed AI in the enterprise: the role of SAIWALL Secure SD-WAN

Several recent studies in Spain indicate that a significant proportion—around 60%—of employees who use AI do so without clear guidelines or formal supervision from their company. This uncontrolled use is particularly prevalent in areas such as marketing, finance, human resources, and customer service, where employees often resort to text assistants, analysis tools, or image generators with the intention of increasing efficiency.

Much of this use occurs outside the visibility and control of the Information Technology (IT) department. When these practices share sensitive internal data and the tools have not been approved or monitored by IT, this use of AI is considered shadow AI within the organization.

The current challenge for companies is how to move from shadow AI to a governed AI model that is secure and aligned with business objectives. In this process, network architecture, specifically an architecture such as SAIWALL Secure SD-WAN, plays a key role.

Shadow AI refers to when employees or teams use artificial intelligence tools without the knowledge or approval of the IT department or data managers. It can be as simple as copying a contract excerpt into a public chatbot to summarize it, using a code assistant to speed up development, or uploading customer files to an AI-based analytics platform.

However, not all use of generative AI tools is problematic. We talk about shadow AI when employees use these platforms with data that should not leave the organization and do so without IT approval or oversight.

Specific examples of data that make this use high-risk shadow AI include:

• Lists of customers with names, email addresses, phone numbers, or internal identifiers designed to segment campaigns.

   

• Copy an entire contract, NDA (non-disclosure agreement), or legal claim for the AI to summarize or modify a response.

   

• Paste snippets of proprietary code, automation scripts, or production SQL queries to debug them or optimize performance.

   

• Share screenshots or texts with credentials, API keys, or internal administration URLs.

   

• Enter sales forecasts, margins, future prices, or strategic plans into an AI tool to generate presentations or internal reports.

Shadow AI is a growing risk for companies, as it involves risks such as:

Data leaks and exposure of intellectual property

When an employee pastes sensitive information into an external AI service, they are exposing data outside the company's controlled perimeter. This includes everything from personal data of customers or employees to proprietary code, algorithms, or critical internal documentation.

Regulatory compliance risks and penalties

Regulations such as the General Data Protection Regulation (GDPR) and other industry standards are part of data governance in the organization: they require knowing where personal data is stored, who processes it, and for what purpose. In addition, the new European Artificial Intelligence Act (AI Act) reinforces the importance of governance, traceability, and risk management in the corporate use of AI, making technological visibility and control over infrastructure even more relevant.

Loss of information integrity and erroneous business decisions

Generative AI models can produce inaccurate, biased, or outright false results if not used with the appropriate controls.

Increased attack surface

Shadow AI tools can become new entry vectors for attacks, more sophisticated phishing campaigns, or data exfiltration through prompt injections and other types of model manipulation.

Operational blindness for IT and security

Without visibility or control on the network, it is very difficult to establish governance policies and protocols to detect anomalous behavior or react to incidents related to shadow AI.

Moving from shadow AI to governed AI requires several steps. The fundamentals are: defining an acceptable use policy, training people, and, above all, equipping yourself with the technical capabilities to answer three basic questions on an ongoing basis.

• What AI services are actually being used?
• Who uses them and from where?
• What patterns or categories of use can be detected in traffic to these AI platforms?

Without this visibility, any attempt at governance remains purely theoretical. And in distributed environments, that visibility can only come from the network. Traditional architectures based on MPLS and perimeter security models were not designed for this level of granularity and dynamism. This is where an architecture such as SAIWALL Secure SD WAN becomes central to evolving toward a governed AI model.

SAIWALL Secure SD WAN is Saima Systems' platform designed to centrally, securely, and scalably manage a company's communications network, interconnecting all its branches via SD WAN. Its capabilities allow for optimized connectivity and the construction of a solid AI governance framework on the network.

Centralized visibility of traffic and applications

SAIWALL Secure SD WAN offers a single console with a 360º view of the status of the entire network, allowing real-time monitoring of traffic between locations, to the Internet, and to cloud environments. This visibility makes it easy to identify AI applications and services that are being used, even if they are not officially approved, and to analyze usage patterns by location or user profile.

Granular segmentation and access control

The solution, with end-to-end encryption, allows you to apply unified security policies and segment traffic by location, department, or application type. This makes it possible to define granular access based on user, location, and traffic type to isolate critical systems, restrict access to AI services to certain groups only, and limit the exchange of sensitive data outside authorized environments. This opens the door to a governed AI model.

Integrated advanced security

SAIWALL Secure SD WAN integrates an advanced firewall with deep traffic inspection, web proxy for category filtering, IPS/IDS, and other cybersecurity features that allow you to inspect and control users' web browsing.

The organization can move from a reactive approach (“we discovered a problematic shadow AI tool and tried to block it”) to a proactive one, defining what types of AI services are acceptable and under what conditions.

Scalability and flexibility across distributed locations

The platform is designed to centrally manage all of a company's locations. This makes it easy to extend the same AI-related security and control policies to headquarters, remote offices, stores, and logistics centers without compromising performance or resilience. AI governance becomes a consistent standard across the entire corporate network.

Companies are facing the challenge of advancing governed AI models. These processes do not depend on a single measure. They require a combination of clear usage policies, team training and awareness, data protection, and technological capabilities that enable an understanding of how artificial intelligence is actually being used within the organization. In addition, the European regulatory context, with regulations such as the General Data Protection Regulation (GDPR) and the European Artificial Intelligence Act (AI Act), reinforces the need for traceability, control, and risk management in the corporate use of AI.

In this scenario, connectivity infrastructure plays a key role. Solutions such as SAIWALL Secure SD-WAN provide visibility into the use of AI services, enable the development and enforcement of consistent security policies in distributed environments, and help protect data without slowing down innovation. In the process of building governed AI in the enterprise, the network becomes an ally in moving forward securely.