LayerX's 2025 Enterprise Generative AI Security Report presents alarming data about the use of generative AI tools in corporate environments. The research, based on telemetry collected from LayerX Security's customer base, reveals that nearly 90% of accesses to AI applications are invisible to organizations.
The study shows that more than 70% of connections to generative AI tools are made using employees' personal accounts, even on corporate devices. Even among logins with corporate accounts, 58% are performed without single sign-on (SSO). This means security and IT teams have no visibility into who is using these tools and what data is being exposed. This raises concerns not only about corporate information protection, but also about the personal data of customers and employees.
Only about 15% of employees use generative AI on a weekly basis, but there is a small percentage of power users. ChatGPT dominates the market, accounting for 77% of online AI tool access. Among corporate users, 39% of those who regularly use generative AI are software developers.
The report also warns about the risks of AI-enabled browser extensions, present in 20% of corporate users. These extensions can bypass access filters and expose organizational data without the company's knowledge.
Source: Layer
This post was summarized from its original version using ChatGPT version 4o, with human review.