Blog Data Security

DeepSeek Discovery: How to Find and Stop Shadow AI 

Understand the security implications of employees using DeepSeek, such as shadow AI, and how your organization can immediately mitigate risks.
Rob Sobers
2 min read
Last updated January 31, 2025
DeepSeek and how Shadow AI is involved

Contents

    DeepSeek has quickly captured the world’s attention, recently surpassing ChatGPT as the most downloaded free app in Apple's App Store.

    While its low cost, advanced capabilities, and open-source approach are attracting users, organizations must understand the security implications of employees using DeepSeek. 

    🚨 We're discussing all things DeepSeek on Monday, February 3 at 1 p.m. EST. Join us live to learn more details and how your organization can stay secure. 

    Critical security concerns 

    For good reason, organizations and governments worldwide are scrambling to ban DeepSeek due to growing security concerns. Congress has banned it. So has the US Navy. Italy has also blocked DeepSeek though, once upon a time they banned ChatGPT, too. 

    Let’s break down the causes for concern.

    Data processing in China 

    • DeepSeek processes user prompts on servers located in China according to their privacy policy 
    • However, developers can host DeepSeek local instances on servers that are walled off from the Chinese mother ship 
    • All data is subject to Chinese data privacy laws and regulations 
    • Organizations must consider compliance implications with U.S. regulatory requirements 

    Shadow AI risks 

    • Employees may download and use DeepSeek without organizational approval 
    • Traditional corporate bans on AI tools have proven difficult to enforce 
    • Sensitive company information could be inadvertently shared through casual conversations 

    Unlike TikTok or Huawei, the open-source nature presents different security challenges. What’s more, because of its low cost to train and run, cybercriminals can use DeepSeek to launch massive campaigns more efficiently.

    Risk mitigation strategies 

    DeepSeek won’t be the last shadow AI app you have to worry about. So what steps can you take to ensure you can discover and stop shadow AI apps from inhaling your corporate secrets? 

    Immediate actions 

    1. Develop clear AI policies

    • Create clear guidelines about approved AI tools 
    • Establish protocols for handling sensitive information 
    • Define consequences for unauthorized AI tool usage 

    2. Offer secure alternatives

    • Consider building isolated instances using DeepSeek's open-source code 
    • Evaluate enterprise-grade AI solutions with proper security controls 
    • Implement walled-off versions that don't connect to external servers 

    3. Employee education 

    • Raising awareness about data security risks 
    • Providing clear alternatives to unauthorized AI tools 
    • Explaining the implications of sharing sensitive information with AI models 

    Using Varonis to discover and block DeepSeek 

    • Varonis can help you discover and classify sensitive data and implement least privilege in order to minimize your potential exposure to DeepSeek and other risky AI tools 
    • Varonis’s for Network can help by detecting DeepSeek usage with DNS and web proxy monitoring 
    • Varonis’ SSPM functionality detects and automatically removes shadow DeepSeek apps and plugins that users have integrated into your sanctioned SaaS apps without IT approval 
      Blog_DeepSeek_InCopyImage2_202501_V1
    • We’ll show you which users installed DeepSeek apps, when, what permissions have been granted, and what actions were performed 
    • Varonis can discover and classify files, source code, emails, etc. that relate to DeepSeek to uncover rogue developers or eager employees downloading and testing the code 

    Looking Forward 

    While DeepSeek's capabilities are impressive, organizations must carefully weigh the benefits against the security risks. The open-source nature of DeepSeek's code offers both opportunities and challenges: 

    Opportunities: 

    • Organizations can inspect the model weights and training code 
    • Possibility to build secure, isolated implementations 
    • Transparency in how the model operates 

    Challenges: 

    • Increased vulnerability to targeted attacks 
    • Potential for malicious use 
    • Compliance concerns with data privacy regulations 
    Dive into DeepSeek with us live Monday, Feb 3 at 1 p.m. ET
    Save your seat
    state-of-cybercrime-logo

    Conclusion 

    While DeepSeek represents significant technological advancement, organizations must approach its use with caution.

    The combination of Chinese data sovereignty requirements, open-source vulnerabilities, and potential for shadow AI usage creates a complex security challenge that requires careful consideration and proactive management. 

    This security advisory will be updated as new information becomes available about DeepSeek's security implications and best practices for enterprise use. 

    What should I do now?

    Below are three ways you can continue your journey to reduce data risk at your company:

    1

    Schedule a demo with us to see Varonis in action. We'll personalize the session to your org's data security needs and answer any questions.

    2

    See a sample of our Data Risk Assessment and learn the risks that could be lingering in your environment. Varonis' DRA is completely free and offers a clear path to automated remediation.

    3

    Follow us on LinkedIn, YouTube, and X (Twitter) for bite-sized insights on all things data security, including DSPM, threat detection, AI security, and more.

    Rob Sobers
    Rob Sobers Rob Sobers is a software engineer specializing in web security and is the co-author of the book Learn Ruby the Hard Way.

    Try Varonis free.

    Get a detailed data risk report based on your company’s data.
    Deploys in minutes.
    Get started View sample

    Keep reading

    Varonis tackles hundreds of use cases, making it the ultimate platform to stop data breaches and ensure compliance.

    varonis-announces-ai-powered-data-discovery-and-classification 
    Varonis Announces AI-Powered Data Discovery and Classification 
    varonis-announces-ai-powered-data-discovery-and-classification 
    Rob Sobers
    August 6, 2024
    Varonis' new LLM-driven data scanning gives customers a deeper business context with unmatched precision and scale.
    how-to-turn-cybersecurity-jargon-into-a-language-everyone-in-your-office-can-speak
    How to Turn Cybersecurity Jargon into a Language Everyone in Your Office Can Speak
    how-to-turn-cybersecurity-jargon-into-a-language-everyone-in-your-office-can-speak
    Rob Sobers
    March 29, 2020
    Cybersecurity jargon can be confusing, but it's imperative that every member of your organization — not just the IT department — understands what they mean. In this article, we explain how to translate 10 cybersecurity buzzwords for everyone in your office.
    varonis-brings-data-security-to-nasuni-cloud-nas
    Varonis Brings Data Security to Nasuni Cloud NAS
    varonis-brings-data-security-to-nasuni-cloud-nas
    Rob Sobers
    March 29, 2020
    We’re excited to announce that, in an upcoming release, the Varonis Data Security Platform will bring data-centric audit and protection to Nasuni Enterprise File Services. Nasuni is a key Varonis...
    the-exact-data-security-roadmap-we've-used-with-7,000+-cisos
    The Exact Data Security Roadmap We've Used with 7,000+ CISOs
    the-exact-data-security-roadmap-we've-used-with-7,000+-cisos
    Rob Sobers
    April 11, 2023
    Explore the Varonis data security roadmap for modern protection, aiding 7,000+ CISOs in compliance and safeguarding valuable data.