October 30, 2025

Over Half of Employees Download Apps Without IT Approval

Over Half of Employees Download Apps Without IT Approval

By Sandra Radlovacki

Not long ago, security teams could see and control almost every tool used inside their company. Fast forward to today, and employees are their own tech departments, downloading apps, testing AI tools, and linking accounts in ways IT never signed off on.

A new report from 1Password, “The Access-Trust Gap 2025,” captures just how far this shift has progressed.

Most businesses are now encouraging staff to use AI to speed up work, and 73% of employees say they’ve been told to try it. Yet, roughly 30% don’t stick to the rules meant to keep data safe. Some even feed private information into AI tools without realising the risk.

When Speed Beats Safety

Over 20% of employees have used company data in AI-generated reports, 24% have shared customer call notes, and 19% have uploaded details from employee reviews. Many use AI on personal devices, while others turn to tools that haven’t been approved by IT.

It’s what experts are calling shadow AI — fast, easy to use, and almost impossible for security teams to monitor.

Traditional defences are struggling to keep up. Single sign-on (SSO), once seen as a reliable security layer, no longer covers the full range of software used in most workplaces. Seventy-four percent of IT and security professionals told 1Password that SSO is not enough. About 30% of company apps still sit outside SSO systems entirely.

Dave Lewis, Global Advisory CISO at 1Password, said: “People will always avoid friction, creating their own solutions when support isn’t clear. Today, that shows up in the complexity of SaaS and AI implementations. The issue isn’t the SaaS and AI tools enterprises use in their corporate environments; it’s our assumptions. Organisations are asking yesterday’s identity tools to govern a cloud-native, AI-accelerated workplace.”

Then there’s the growing issue of access that lingers long after employees leave. More than a third of workers admit they’ve logged into old company accounts, which means offboarding remains a weak spot.

The everyday habits of employees don’t help, either. Sixty percent admit to reusing or simplifying passwords. Over half of major breaches in recent years can be traced back to compromised credentials.

A Worldwide Pattern

When it comes to regions experiencing problems, the entire world is affected to a certain extent. Singapore reports the highest level of shadow IT, with 55% of employees downloading unapproved apps. Germany follows with 46%, then the U.S. at 44%, the UK at 43%, and France at 33%. Singapore also leads in unapproved AI use, at 30%.

Until businesses find a balance between access and trust, the risks will keep growing. And the real challenge isn’t just building stronger walls; it’s convincing employees not to climb over them in the first place.

Employee Experience

Related articles

GenAI adoption grows as privacy and security concerns persistGenAI adoption grows as privacy and security concerns persistPega Predictable AI Agents transforms risky AI into reliable business workflowsPega Predictable AI Agents transforms risky AI into reliable business workflowsMove Over Word of Mouth, AI Is the New Doctor ReferralMove Over Word of Mouth, AI Is the New Doctor Referral