There is a conversation happening every week across MSP boardrooms, peer calls, and strategy sessions. It sounds like this: “My customers are using ChatGPT. Their employees are uploading documents into AI tools I never approved. And I have no idea what’s in those files.”
That is shadow AI. And it is not a future risk. It is happening right now, inside the businesses your customers trust you to protect.
I sat down with Daniel Gallancy, CEO of Atakama, on a recent episode of Sunny Silver Linings. Daniel and his team have been building browser security for MSPs after a significant product pivot that took them from encryption software to where they are today. The conversation covered a lot of ground. Three things stood out.
The browser is the blind spot
Most MSPs have endpoint protection. They have email security. They have firewalls. What they do not have is visibility into what users are actually doing while they work.
Daniel put it plainly. The goal is not to spy on employees. Nobody has the time for that and it is not the point. The point is knowing when a user is doing something that creates risk, not out of bad intention, but out of efficiency. The employee is trying to get their job done. They drag a file into ChatGPT. They paste a client list into an AI tool. They sign up for a new AI service on their own.
They are not trying to cause harm. But the outcome can be harmful. That is the blind spot.
Daniel described what Atakama surfaces for MSPs: which AI services employees are using, whether those services were sanctioned by the business, what data is being sent into those tools, and whether any of that data contains PII or other sensitive information. The MSP sees all of it. The MSP can block it, warn the user, or allow it with a full audit trail.
That is a meaningful shift from where most security stacks are today.
Shadow AI is not malicious. That does not make it safe.
When I raised shadow AI on our weekly MSP connection call, the pattern was consistent. MSP leaders were not concerned about bad actors inside their customer base. They were concerned about well-meaning employees who had no idea they were creating risk.
Daniel confirmed that framing. Shadow AI is not nefarious. A CFO doing P&L analysis in an AI tool. A marketing team cleaning up a prospect list. An operations lead summarizing contracts. All of it is happening in tools the business did not provision, did not evaluate, and cannot audit.
The challenge is that once information enters an LLM, the business no longer controls what happens to it. That is not a hypothetical. That is the current reality for most SMBs today.
Atakama addresses this at the browser level by detecting the activity, reporting it to the MSP, and giving the MSP the ability to act. Block, warn, or allow. All three create a record. That record becomes the basis for a real conversation with the customer.
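The block, warn or allow decision described above, sketched as an added example written for this page and not Atakama's code. The host lists, PII patterns, policy table and event fields are all assumptions, and the sample events are constructed.

```javascript
// Added illustration, not Atakama's code. Hosts, names, patterns and policy are assumptions.
const KNOWN_AI = new Set(["chat.ai-tool.example", "assistant.corp-approved.example"]);
const SANCTIONED = new Set(["assistant.corp-approved.example"]); // approved by the business
const POLICY = { // assumed policy table: (sanctioned?, PII found?) -> action
  "unsanctioned:pii": "block", "unsanctioned:clean": "warn", "sanctioned:pii": "warn", "sanctioned:clean": "allow",
};
const PII_PATTERNS = { // minimal detectors; real coverage needs more data types and locales
  email: /[A-Za-z0-9._%+-]+@[A-Za-z0-9.-]+\.[A-Za-z]{2,}/g,
  us_ssn: /\b\d{3}-\d{2}-\d{4}\b/g,
  card: /\b(?:\d[ -]?){13,16}\b/g,
};

// Luhn checksum cuts false positives from long digit runs that are not card numbers.
function luhnOk(digits) {
  let sum = 0;
  for (let i = 0; i < digits.length; i++) {
    let d = Number(digits[digits.length - 1 - i]);
    if (i % 2 === 1) { d *= 2; if (d > 9) d -= 9; }
    sum += d;
  }
  return sum % 10 === 0;
}

// Returns counts per PII type; matched values are never copied into the audit trail.
function findPii(text) {
  const hits = {};
  for (const [kind, re] of Object.entries(PII_PATTERNS)) {
    let found = text.match(re) || [];
    if (kind === "card") found = found.filter((m) => luhnOk(m.replace(/\D/g, "")));
    if (found.length) hits[kind] = found.length;
  }
  return hits;
}

// Every event yields a record, whatever the action, so "allow" is audited too.
function evaluate(event) {
  const host = new URL(event.url).hostname;
  const aiService = KNOWN_AI.has(host);
  const sanctioned = SANCTIONED.has(host);
  const pii = aiService ? findPii(event.content) : {};
  const key = `${sanctioned ? "sanctioned" : "unsanctioned"}:${Object.keys(pii).length ? "pii" : "clean"}`;
  const action = aiService ? POLICY[key] : "allow";
  return { time: event.time, user: event.user, host, aiService, sanctioned, pii, action };
}

const SAMPLE_EVENTS = [ // constructed events, not real telemetry
  { time: "2025-01-07T10:02:00Z", user: "alice", url: "https://chat.ai-tool.example/upload", content: "Clients: jane.doe@client.example, SSN 123-45-6789" },
  { time: "2025-01-07T10:05:00Z", user: "bob", url: "https://chat.ai-tool.example/chat", content: "Rewrite this paragraph about our office hours" },
  { time: "2025-01-07T10:09:00Z", user: "carol", url: "https://assistant.corp-approved.example/chat", content: "Card on file 4111 1111 1111 1111 for renewal" },
];
console.log(SAMPLE_EVENTS.map(evaluate));
```

The audit record stores only the PII type and count, so the log itself does not become a second copy of the sensitive data.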
The sales motion nobody is using
Here is what caught my attention. Daniel described Atakama as the most intellectually accessible security product for end customers. That is not a marketing claim. It is a practical observation.
A business owner does not truly understand what EDR does. They know they need it. They cannot explain it. Browser security, by contrast, produces outputs that any business owner can read and immediately understand.
An MSP can walk into a customer meeting and show them: here are the AI tools your employees are using that you did not know about. Here are the browser extensions installed on your team’s machines. Here is how one user handles passwords versus another. Here is what happened last Tuesday when someone uploaded a document to an external AI service.
That is a client health report that creates context for a pricing conversation. It is also a prospecting tool. Daniel specifically mentioned running a free trial with a prospect, letting the data accumulate over a few weeks, and then presenting that report. That presentation closes the sale.
The MSP who can show a prospect what is happening inside their business, before they are even a client, has a very different sales conversation than the one selling a stack of acronyms.
The leadership lesson that cuts through everything
Daniel did not hesitate when I asked about keeping a team aligned through a major pivot. Be direct. Tell them what is happening. Tell them why.
He made one observation that I think every operator should sit with. If you cannot successfully pitch your vision to your own team, that is the signal to examine the vision, not the communication. Your team is the first test. If the logic holds, they will follow. If it does not, they will ask questions you cannot answer. That is useful information.
He was equally direct about uncertainty. Not everything has a clean answer during a pivot. You say that. You acknowledge the unknown unknowns. The team does not need you to have every answer. They need you to be honest about what you know and what you do not.
The life lesson worth passing on
Toward the end of our conversation, Daniel offered something that had nothing to do with cybersecurity and everything to do with how people operate.
Before you react to what someone says or does, take a moment. Ask yourself what you might not know about the situation. Ask yourself whether your emotional response, if translated directly into action, is actually the optimal response. In many cases, it is not.
He was clear that he does not always succeed at this. But he is actively working on it. That kind of honesty from a leader is more instructive than any framework.
Listen more. React less. Respond from clarity, not from the first feeling.
That lesson applies in security. It applies in business. And it applies at home.
The browser is where your customers’ employees are spending their days. It is also where risk is accumulating quietly, one unsanctioned AI session at a time. The MSPs who build visibility into that layer now will have a different conversation with their customers than those who wait.
The question is not whether shadow AI is happening inside your accounts. It is what you plan to do about it.





