Reference
AI Governance & Shadow AI Glossary
Plain-English definitions for the terms IT teams, MSPs, and compliance leaders run into when standing up an AI governance program. Anchored so you can deep-link any definition into a policy doc, a ticket, or a client report.
Shadow AI fundamentals
- Shadow AI
- The use of AI tools — ChatGPT, Claude, Gemini, Copilot, or any GenAI service — by employees without IT approval, vendor review, or oversight. Distinct from shadow IT because every interaction involves data submission: prompts go to a third party that typically has no data-processing agreement with the employer, no audit trail, and no compliance coverage.
- Shadow IT
- The use of unsanctioned software, devices, or cloud services by employees outside the IT approval process. Shadow IT predates shadow AI by two decades and is well understood. Shadow AI inherits the governance discipline but adds a new failure mode: regulated data flowing into models the company has no contractual control over.
- GenAI
- Short for generative AI — the class of AI tools that produces text, code, images, audio, or video in response to a prompt. ChatGPT, Claude, Gemini, Copilot, and Midjourney are the GenAI tools that show up most in shadow AI detection telemetry.
- Prompt injection
- A class of attack where adversarial content embedded in input data manipulates an LLM into ignoring its system instructions. Indirect prompt injection (via documents, web pages, or emails the model retrieves) is the more dangerous variant. Shadow AI raises injection risk because employees often paste untrusted content directly into tools without sanitization.
- Hallucination
- A confident, fluent answer from an LLM that is factually wrong or invented. Not a security concern in isolation, but a governance concern when shadow AI outputs are pasted into client deliverables, code, or regulated artifacts without review.
- Model card
- A structured document published by a model provider describing intended use, training data, known limitations, and evaluations. AI vendor governance programs use model cards to record which models are approved for which data classes.
- Retrieval-Augmented Generation (RAG)
- An architecture where the LLM retrieves passages from an external knowledge base before generating a response. Most current AI answer engines (ChatGPT search, Perplexity, Google AI Overviews, Claude search) use RAG. Relevant to shadow AI when employees use RAG-style tools to query internal documents pasted as context.
Detection and enforcement
- Endpoint agent
- Software running on a managed device (in ShadowLock's case a Windows service) that monitors local activity, enforces policy, and ships events to a central backend. Endpoint agents see clipboard events, process starts, and file access that network-layer tools cannot.
- Browser extension force-install
- Pushing a managed browser extension to every device via Windows registry policies (
ExtensionInstallForcelistfor Chrome and Edge) or the equivalent macOS profile. Force-install ensures the extension is present and cannot be disabled by the user, which is how ShadowLock guarantees browser coverage on every managed endpoint. - Clipboard monitoring
- Watching the operating-system clipboard for content that may be pasted into an AI tool. ShadowLock's agent reads clipboard data at paste time, runs local classification, and enforces policy before the paste reaches the target window. Content never leaves the device.
- Shannon entropy
- A measure of randomness in a string of characters. High-entropy strings are likely to be cryptographic keys, tokens, or random identifiers. ShadowLock uses entropy alongside pattern checks to classify pastes as likely containing secrets without needing a regex for every possible token format.
- Luhn algorithm
- A checksum used to validate credit card numbers, IMEI numbers, and Canadian SINs. A 16-digit string that passes Luhn is almost certainly a credit card. ShadowLock applies Luhn to candidate numeric sequences in pastes to upgrade detection confidence from "looks numeric" to "structurally a card number."
- Data classification tier
- A confidence level assigned to a detection — typically
low,medium, orhigh— that drives the enforcement decision. ShadowLock's tiered model lets a policy block at high confidence, audit at medium, and ignore at low, which reduces false positives without losing real detections. - Policy cascade
- The merge order used to resolve a final policy when multiple tiers (partner, organization, device) each define a setting. ShadowLock cascades partner → organization → device, with device-level overrides winning, so a tightly-scoped device policy always trumps a broader org or partner default.
- Audit log
- A tamper-evident record of every detection, paste attempt, and policy decision, timestamped and tied to a device and user. ShadowLock's audit log is designed to satisfy SOC 2 CC6.1/CC7.2 evidence requirements, HIPAA §164.312(b), and GDPR Article 30 record-of-processing.
- Deployment ring
- The release channel a device subscribes to:
early_access,preview, orstable. Used to roll new agent versions to a subset of devices before fleet-wide promotion. Standard MSP delivery pattern adapted from Windows Update for Business.
Adjacent security concepts
- AI governance
- The discipline of giving an organization visibility, policy, enforcement, and audit over its AI usage. Distinct from "AI safety" (a model-research concern) and "AI ethics" (a moral framework). Governance is operational: who can use which tools, with which data, under which controls, with which evidence.
- AI Data Loss Prevention (AI DLP)
- Controls that detect and block sensitive data from reaching AI tools. Traditional DLP covers email, file shares, and printers; AI DLP covers prompts, pastes, and file uploads to GenAI services. Endpoint-layer AI DLP — like ShadowLock — classifies content locally and enforces before the data leaves the device.
- CASB
- Cloud Access Security Broker — an enterprise control layer between users and cloud services that enforces policy on SaaS traffic. Relevant to shadow AI as an inventory and policy-enforcement layer, but CASBs sit at the network/API layer and don't see clipboard content.
- SSE
- Security Service Edge — the cloud-delivered convergence of SWG, CASB, and ZTNA. SSE platforms (Netskope, Zscaler, Palo Alto, Cloudflare) include shadow AI features but treat AI as one category among many; ShadowLock is a focused shadow AI control.
- Zero trust
- An architectural posture that assumes the network is hostile and authenticates every request explicitly. Often invoked in shadow AI conversations because "trust no AI tool by default" follows the same principle: every AI call is a request that must be policy-checked, not implicitly allowed.
- Zero-trust browser
- A browser or browser extension that applies zero-trust controls — URL isolation, identity-bound sessions, content filtering — to every page load. Used by Conceal and DefensX as the primary control surface for shadow AI; complementary to endpoint agents like ShadowLock.
- DNS filtering
- Blocking categorized domains at the resolver before the connection completes. DNSFilter, Control D, ThreatLocker Web Control, and Cloudflare Gateway are MSP-channel DNS filters. Effective as a baseline AI category block; blind to clipboard content and AI features embedded inside approved SaaS.
- Multi-tenant
- A single application instance serving many isolated tenants (organizations) from shared infrastructure. ShadowLock is multi-tenant from day one with a partner → organization → device hierarchy, which is how MSPs roll a single product across hundreds of clients without per-client deployments.
- Tenant isolation
- Architectural guarantee that data, policy, and access from one tenant cannot leak into another. ShadowLock enforces tenant isolation at the database, API, and UI layers, including event scoping and admin-role checks.
Compliance and policy
- BAA
- Business Associate Agreement — the HIPAA-required contract between a covered entity and any vendor that handles Protected Health Information. Pasting PHI into an AI tool without a BAA in place is a HIPAA disclosure. Most consumer AI tools do not offer BAAs.
- PHI
- Protected Health Information — any individually identifiable health information held or transmitted by a HIPAA-covered entity. Includes the 18 HIPAA identifiers (names, dates, SSNs, etc.) in connection with health status, treatment, or payment.
- PII
- Personally Identifiable Information — information that can identify an individual on its own (name + SSN) or in combination (initials + DOB + ZIP). PII handling is governed by GDPR, CCPA, and various state laws; AI prompts often contain PII unintentionally.
- NIST AI RMF
- NIST AI Risk Management Framework (AI RMF 1.0, released January 2023) — voluntary US guidance for managing risks across the AI lifecycle. Increasingly cited in vendor diligence, cyber insurance applications, and federal procurement. ShadowLock's audit log structure maps cleanly to AI RMF Govern and Measure functions.
- EU AI Act
- EU regulation (in force from 2024, with most provisions applying from 2026) that classifies AI systems by risk tier and imposes obligations including transparency, human oversight, and data governance. Relevant to shadow AI because uncontrolled AI use can put a company in the wrong risk tier without their knowing.
- SOC 2
- Service Organization Control 2 — an AICPA framework for evaluating a service organization's controls over security, availability, processing integrity, confidentiality, and privacy. CC6.1 (logical access), CC7.2 (system monitoring), and CC9.2 (vendor management) are the SOC 2 criteria most commonly cited in AI control reviews.
- GDPR Article 6
- The GDPR provision establishing lawful bases for processing personal data. Pasting customer PII into an AI tool without an established lawful basis (consent, contract, legitimate interest) is a GDPR violation. Shadow AI bypasses the lawful-basis analysis entirely.
- GDPR Article 32
- GDPR security-of-processing requirements — appropriate technical and organizational measures including pseudonymization, encryption, and access controls. Endpoint classification and clipboard blocking are increasingly cited as Article 32 measures for AI-era data handling.
- Acceptable Use Policy (AUP)
- A written policy defining what employees may and may not do with company systems and data. An AI AUP names approved tools, prohibited data classes, monitoring expectations, and consequences. ShadowLock provides a free AI acceptable use policy template.
- Cyber insurance AI endorsement
- A policy rider or supplemental questionnaire from a cyber insurance carrier covering AI-specific risks: model misuse, prompt-injection-driven incidents, data leakage into AI tools. By 2026 renewal cycles, most major carriers ask whether the insured has AI governance controls in place.
MSP delivery
- MSP
- Managed Service Provider — a company that delivers IT services (often including security, backup, and helpdesk) to multiple SMB or mid-market clients under recurring contracts. ShadowLock is built for MSP delivery: multi-tenant by design, per-tenant policy, partner-tier billing.
- RMM
- Remote Monitoring and Management — the platform an MSP uses to deploy software, run scripts, and monitor health across client endpoints. Common RMMs include ConnectWise Automate, NinjaOne, Datto RMM, N-able N-central, Kaseya VSA. ShadowLock's agent is designed to deploy via any RMM.
- PSA
- Professional Services Automation — the platform an MSP uses for ticketing, billing, and contract management. Common PSAs include ConnectWise PSA, HaloPSA, Autotask, Kaseya BMS. ShadowLock ships events to PSAs via webhooks for ticket creation.
Now put the definitions to work
Start a free ShadowLock trial and see endpoint shadow AI detection and AI DLP in action — or read the underlying guides on the blog.