A new report has revealed that 89 per cent of enterprise Generative AI (GenAI) usage happens without IT oversight, thereby exposing organisations to data leaks and unauthorised access.
Many employees use GenAI tools through personal accounts, making security enforcement nearly impossible.
The Enterprise GenAI Data Security Report 2025 by LayerX highlights that while GenAI adoption is growing, most usage remains invisible. The report highlights how nearly 72 per cent of employees access these tools outside corporate controls, and only 12 per cent of corporate users authenticate via Single Sign-On (SSO).
The main concern with these findings is data exposure. For example, employees frequently paste sensitive business information, customer data, and proprietary code into GenAI tools, with an average of four pastes per day. Without security measures, organisations risk losing control over critical data.
To mitigate these risks, businesses should implement browser-based security solutions that provide visibility, integrate Data Loss Prevention (DLP) measures, and enforce authentication policies. Without action, GenAI is likely to continue as a growing security blind spot.
