Every time an employee pastes a customer file excerpt into a public chatbot, part of your company's information assets leaves the building. Multiplied by dozens of unsupervised daily uses — what security teams call shadow AI — the risk becomes structural. And it's already there: in most companies, the use of public AI tools started long before any policy existed.
The real risks of "public cloud everything"
- Sensitive data leakage: customer data, pricing, contracts, source code or trade secrets sent to third parties without control or proper encryption.
- Loss of traceability: no way to know who sent what, when, and to which service. In an incident, you can neither assess the scope nor notify properly.
- Data reuse: depending on the terms of service, your content may be used to improve the vendor's models.
- Vendor lock-in: terms, pricing and availability that change without notice, with an exit cost that grows as usage settles in.
- Non-compliance: data transfers outside the frameworks required by GDPR, Morocco's law 09-08, or your own contractual commitments to your customers.
The point isn't to demonize public AI services — they're excellent for generic tasks on public data. The point is to consciously choose what goes out, and what stays in.
The alternative: AI hosted in your environment
Open models have reached a quality level that covers the vast majority of business needs: classification, extraction, drafting replies, document search, summarization. Deployed on your servers or in your private cloud, they offer:
- Sovereignty: your data never passes through a third-party service. The model comes to the data, not the other way around.
- Full traceability: every request is logged in your own systems, with user identity and context.
- Predictable costs: infrastructure sized for your usage, with no per-request billing that spirals as adoption grows.
- Customization: a model adapted to your vocabulary, your business rules, your internal documents.
Three architectures, three exposure levels
| Architecture | Where your data goes | Best suited for |
|---|---|---|
| Public chatbot | Vendor's servers, barely controllable | Public data only |
| API with contract | Vendor, with contractual guarantees | Pseudonymized data, moderate volumes |
| Model hosted on-premises | Never leaves your infrastructure | Sensitive data, core processes |
Most companies end up combining all three — what matters is that the split results from a decision, not from individual habits.
A simple policy for your teams
- Classify your data: public, internal, confidential. A one-page matrix is enough to start.
- Allow public tools only for public data, and say so clearly.
- Provide an internal alternative for everything else. Prohibition without an alternative never holds: teams route around it and shadow AI returns.
- Log and audit regularly. What gets measured gets governed.
- Train. Most leaks aren't malicious — they come from employees trying to do good work, fast.
Where to start concretely
A good entry point: an internal assistant hosted on your premises, connected to your documents (procedures, offers, FAQs), available to every employee. It replaces the unsupervised use of public chatbots with a tool that's more relevant — because it knows your context — and fully under control. It's often the project that reconciles IT, management and the teams.
Security shouldn't slow down AI adoption. Well-architected, it's the very condition for it: your teams use AI without trading productivity against confidentiality.