
DeepSeek: the app that devours your company...

1 million leaked records, your source code in China, and a fine of 4% of your revenue just waiting for you.

In a phase of hyper-growth, we hire, equip, and accelerate. What we do not see: each new hire arrives with their AI tools, habits, and reflexes. And IT governance never keeps pace with hiring. 

Result: your exposure to data leaks grows at exactly the same pace as your headcount.

DeepSeek: the revelation of a problem that directly concerns you

On January 20, 2025, DeepSeek launched its R1 model, with performance comparable to GPT-4, free, and accessible in two clicks. Within days, it became the most downloaded app on the US App Store. Your employees tried it before you even knew it existed.

Ten days later, the cybersecurity company Wiz discovered a publicly accessible DeepSeek database, with no authentication whatsoever.

More than a million exposed entries: conversation histories, API keys, operational data. All in plain text, available to anyone who knows where to look. The flaw was fixed in less than an hour once it was reported. 

But for how long was it open? No one knows.

This is not a story about the security of a Chinese player.

It is the mirror of what is happening in your teams: tools adopted massively, in just a few days, without IT validation, without a data processing agreement, without anyone asking the question "what if it leaks?".

And the French CNIL promptly opened an investigation into DeepSeek for non-compliance with the GDPR. The users' data? Stored on servers in China.

This detail matters: once your employees use an AI tool without a signed data processing agreement, you are in clear violation of the GDPR, regardless of the tool chosen. Penalties can reach 4% of global revenue. 

This is no longer a theoretical risk: in 2024, the CNIL issued several formal notices for this very reason.

What your employees really do with AI

The numbers are hard to ignore. According to a Harmonic Security study of prompts actually sent to LLMs, 45.8% of requests risk exposing customer data. And in companies that formally ban AI, 43% of employees continue to use it anyway.

A salesperson pasting their prospect database into ChatGPT to refine a segmentation. An engineer sharing proprietary code to debug faster. An HR manager uploading a CV into DeepSeek to draft candidate feedback.

Each person saves ten minutes. The company, meanwhile, loses control of its data.

This behavior is not malicious. It is efficiency. And that is precisely why prohibition alone does not work.

Hyper-growth worsens the phenomenon. When you double your headcount in eighteen months, you do not have time to train each employee on AI best practices before they become operational. They do what they know how to do. They use the tools they know.

Four actions to regain control without slowing the machine

Shadow AI cannot be solved by banning it. 

It is solved by substitution: give your teams a secure path that is as simple as the tool they are using right now.

1. Map it before deciding:

You probably do not know which AI tools are being used in your organization. If you have a proxy or a DLP solution, an audit of outgoing traffic over two weeks will give you a real picture. If that is not yet in place, there is a quick alternative: an anonymous survey of department managers, with three simple questions (which tools, for which uses, how often), takes 48 hours and covers 80% of the field. 

It is not perfect, but it is enough to prioritize. Without this starting point, any policy is blind.
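
One way to run the outgoing-traffic audit described in action 1, given here as an added example that is not taken from akawan or from any proxy product: it tallies distinct users, requests and uploaded bytes per AI service. The log layout, the domain list and the sample lines are assumptions to replace with your proxy's real export.

```python
from collections import defaultdict
from urllib.parse import urlsplit

# Domains attributed to AI services (assumption: a starting list to maintain).
AI_SERVICES = {
    "deepseek.com": "DeepSeek",
    "chatgpt.com": "ChatGPT",
    "gemini.google.com": "Gemini",
}

# Constructed sample, simplified layout (assumption): date user method target bytes_sent
SAMPLE_LOG = """\
2025-02-03 alice CONNECT chat.deepseek.com:443 18234
2025-02-03 bob CONNECT chatgpt.com:443 2048
2025-02-04 alice CONNECT chat.deepseek.com:443 90211
2025-02-04 carol GET http://intranet.example/wiki 512
2025-02-05 bob CONNECT gemini.google.com:443 733
2025-02-05 dave CONNECT notdeepseek.com:443 999
truncated line
"""

def host_of(target):
    if "://" in target:  # full URL (plain HTTP request)
        return (urlsplit(target).hostname or "").lower()
    return target.rsplit(":", 1)[0].lower()  # CONNECT target, host:port

def service_for(host):
    """Match the domain itself or any subdomain, never a mere string suffix."""
    for domain, name in AI_SERVICES.items():
        if host == domain or host.endswith("." + domain):
            return name
    return None

def audit(log_text):
    """Return [(service, distinct_users, requests, bytes_sent)], largest upload first."""
    stats = defaultdict(lambda: {"users": set(), "requests": 0, "bytes": 0})
    for line in log_text.splitlines():
        parts = line.split()
        if len(parts) != 5 or not parts[4].isdigit():
            continue  # skip malformed lines instead of aborting the audit
        _date, user, _method, target, sent = parts
        service = service_for(host_of(target))
        if service:
            entry = stats[service]
            entry["users"].add(user)
            entry["requests"] += 1
            entry["bytes"] += int(sent)
    rows = [(s, len(e["users"]), e["requests"], e["bytes"]) for s, e in stats.items()]
    return sorted(rows, key=lambda r: r[3], reverse=True)
```

Sorting by uploaded bytes puts first the services that receive the most data, which is the figure that matters when prioritizing.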

2. Establish a whitelist, not a blacklist:

Blocking ChatGPT is useless if you do not offer an alternative. Define the authorized tools, document them, and communicate the reasons. A usage policy without a replacement tool will not last six months.

3. Address the problem at the source, in real time:

The real question is not "which tool is my employee using?" but "what data should I allow them to send?". There is a specific category of tools for this, LLM anonymization proxies, which sit between the user and the AI model. 

Before the prompt is sent to ChatGPT or another service, the tool automatically detects and masks sensitive elements: names, contract references, financial data, HR identifiers. The AI receives a stripped-down text. The employee gets their answer. You keep control over what goes out, without having to block usage.
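
How the masking step of such a proxy can work, as an added example (not Bosl.ai's code or any vendor's): each sensitive value is replaced by a stable placeholder, and the mapping stays on the proxy side. The patterns, the `CTR-` contract format and the sample prompt are assumptions, and restoring values in the reply goes beyond what the text above describes.

```python
import re

def iban_ok(candidate):
    """ISO 13616 mod-97 check; rejects lookalikes such as order numbers."""
    s = candidate.replace(" ", "").upper()
    digits = "".join(str(int(c, 36)) for c in s[4:] + s[:4])
    return int(digits) % 97 == 1

# Constructed rules (assumption). Regexes only catch structured identifiers;
# personal names need named-entity recognition, which is out of scope here.
RULES = [
    ("EMAIL", re.compile(r"[\w.+-]+@[\w-]+(?:\.[\w-]+)+"), None),
    ("IBAN", re.compile(r"\b[A-Z]{2}\d{2}(?: ?[A-Z0-9]{4}){2,7}(?: ?[A-Z0-9]{1,3})?\b"), iban_ok),
    ("CONTRACT", re.compile(r"\bCTR-\d{4}-\d{4}\b"), None),  # hypothetical format
]

def mask(prompt):
    """Return (masked_prompt, vault); the vault stays on the proxy side."""
    vault, seen, counts = {}, {}, {}
    for label, rx, validate in RULES:
        def repl(m, label=label, validate=validate):
            value = m.group(0)
            if validate and not validate(value):
                return value                      # failed checksum: leave as is
            if value not in seen:                 # same value, same placeholder
                counts[label] = counts.get(label, 0) + 1
                seen[value] = f"[{label}_{counts[label]}]"
                vault[seen[value]] = value
            return seen[value]
        prompt = rx.sub(repl, prompt)
    return prompt, vault

def unmask(reply, vault):
    """Restore original values in the model's reply before showing it."""
    for placeholder, value in vault.items():
        reply = reply.replace(placeholder, value)
    return reply

# Constructed sample prompt and reply.
PROMPT = ("Draft a reminder to claire.martin@example.com about CTR-2025-0042. "
          "Refund to DE89 3704 0044 0532 0130 00. Copy claire.martin@example.com.")

if __name__ == "__main__":
    masked, vault = mask(PROMPT)
    print(masked)
    print(unmask("Reminder for [EMAIL_1] on [CONTRACT_1] is ready.", vault))
```

The IBAN pattern is greedy, so a production rule set should also handle capitalized text that directly follows an account number.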

4. Do not tackle everything at once:

Identify the two or three services that concentrate the most sensitive data (HR, finance, R&D depending on your sector) and start there. A targeted six-week pilot is more effective and more acceptable than a poorly prepared global rollout. And it will give you the arguments you need to convince reluctant teams.

The organizational dimension matters just as much as the technical one. IT and business managers must build this governance together. A policy imposed from above without dialogue with end users is bypassed within forty-eight hours.

What Bosl.ai concretely brings to this context

This is exactly the kind of problem akawan has addressed with Bosl.ai. 

The principle: an anonymization layer that sits between your employees and the LLMs they use, in real time, without changing their work habits.

Concretely, before the prompt is sent to ChatGPT, Gemini, or another model, Bosl.ai detects and masks sensitive data: names, financial data, HR information, project references. The AI receives a prompt stripped of identifying elements. 

The employee gets their answer. You keep control over what goes out.

The solution is available as SaaS for rapid deployment, On-Premise for environments that require nothing to leave the perimeter, and as a Chrome plugin for teams that work directly in ChatGPT. For organizations that want zero contact with external AIs, the Bosl.ai ECO option relies on a fully internal sovereign model.

At akawan, we do not deliver the tool alone. We start by analyzing your actual flows, identifying the most exposed data, and co-designing the deployment scope with your IT and business teams. That is what makes the difference between a tool you install and a system that lasts.

Growth will not slow down. Governance, however, can move fast.

Shadow AI is not a problem for tomorrow. It is active today, within your teams, on the tools you have not yet inventoried. The bigger your organization gets, the more the problem expands.

The good news: you do not need to solve everything at once. A targeted scope, an effective protection layer, and governance built with users rather than against them are enough to significantly reduce the risk. 

Your teams want to move fast. Give them a secure path to do it.

akawan, specialist in digital transformation and artificial intelligence.

Together, let's build your digital future.

Copyright 2025 - akawan.
