78% of people who use AI at work bring their own tools (Microsoft & LinkedIn, 2024)

83% of employees still have access to a previous employer's account (Beyond Identity, 2022)

Work in a personal account sits beyond every console, grant list, and policy the company runs.

what it is

The pattern has a dozen faces: the contract drafted in a private Gmail because the laptop was elsewhere, the client files in a personal Dropbox from before the company had one, the ChatGPT account someone pays for themselves, the freelancer who delivered everything from their own workspace and kept the working copies.

What unites them is invisibility by construction. Every other form of shadow IT (shadow SaaS, OAuth grants, ghost accounts) at least touches your directory somewhere. A personal account touches nothing. There is no admin console where it appears, no grant to revoke, no policy that reaches it.

why it accumulates

Personal accounts are always closer than the sanctioned path: already signed in, no VPN, no SSO redirect, no quota. People reach for them under deadline for the same reason they reach for any shadow tool: work needs doing, and the personal account was one click nearer.

The measured slice is consistent. Netskope's 2025 research found 47% of generative-AI use at work running on personal accounts, and its earlier telemetry showed a spike of uploads to personal apps in employees' final 30 days, with personal Drive and OneDrive the top destinations (Netskope, 2022). The habit is ordinary; the final-month spike is what it costs.

what it costs you

Offboarding simply does not apply. When the person leaves, every control you run closes their company access, and the personal layer leaves with them: files, threads, prompts, client material. 83% of employees admit they still have access to at least one account from a previous employer (Beyond Identity, 2022, self-reported), and the personal-account layer is the part of that figure no process can even see.

GDPR exposure runs in parallel: customer personal data in a private account is processing that happens outside every safeguard you have documented, invisible to subject-access requests and breach assessments alike. And there is the dependency cost: work product the company paid for, recoverable only by asking nicely.

what works

A personal account leaves no trace in any directory; only the seams show, where the personal layer touches the company stack. Sharing reports reveal company files shared to private addresses, and mail rules reveal auto-forwarding to personal inboxes. Both are visible today in admin consoles most companies already run, and where they cluster is where the invisible layer is thickest.

Beyond the seams, the durable fix is making the sanctioned path the nearer one, because most personal-account use is friction avoidance. SSO that works, storage without quota anxiety, and a sanctioned AI tool remove the reason before any policy mentions the rule. The rule itself works best stated plainly: work product lives in company accounts, with named exceptions if any. One sentence in onboarding beats a policy nobody finds.

The control that actually reaches this layer is conversational. Companies that handle it well ask leavers directly what lives in personal accounts and transfer the material while goodwill is high; the exit conversation is the only process that can see what no console can. The documented spike in uploads to personal apps during the final month before departure is the reason that conversation pairs with a closer look at sharing and forwarding once a departure is known.
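The two seams named above, files shared to private addresses and mailbox rules that auto-forward to personal inboxes, can be pulled from the sharing and forwarding exports most admin consoles already produce and clustered per user, with a flag for known leavers inside their final 30 days. The script below is an added example and is not code from the original page or from the vendor: the CSV column names, the company domain `example.com`, the list of consumer-mail domains, and the sample rows are all constructed assumptions standing in for a real export.

```python
"""
Surface the seams where personal accounts touch the company stack:
company files shared to consumer-mail addresses and mailbox rules that
auto-forward to personal inboxes, clustered by user and prioritised for
known leavers in their final 30 days.

Added example; not code from the original page or from the vendor.
Assumes the admin consoles can export sharing events and forwarding
rules in a row-per-event form; the CSV columns below are assumptions.
"""
import csv
import io
from collections import defaultdict
from datetime import date, timedelta

COMPANY_DOMAIN = "example.com"          # assumed company domain
FINAL_WINDOW_DAYS = 30                  # final-month window from the text

# Consumer mail providers treated as "personal" destinations (assumption;
# extend with whatever your own sharing reports actually show).
PERSONAL_DOMAINS = {
    "gmail.com", "googlemail.com", "outlook.com", "hotmail.com",
    "live.com", "yahoo.com", "icloud.com", "proton.me", "protonmail.com",
}

# Constructed sample export of Drive/OneDrive sharing events.
SHARE_EVENTS_CSV = """date,actor,file,target
2025-03-02,ana@example.com,Q1-forecast.xlsx,ana.lopes@gmail.com
2025-03-03,ana@example.com,client-list.csv,ana.lopes@gmail.com
2025-03-04,bob@example.com,roadmap.pptx,partner@vendor.example
2025-03-05,cara@example.com,notes.docx,cara.k@outlook.com
2025-02-01,dan@example.com,old-deck.pptx,dan.personal@icloud.com
"""

# Constructed sample export of mailbox auto-forwarding rules.
FORWARD_RULES_CSV = """user,forward_to
ana@example.com,ana.lopes@gmail.com
erin@example.com,erin@example.com
"""

# Constructed leaver list: user -> last working day.
LEAVERS = {"ana@example.com": date(2025, 3, 20)}


def domain_of(address: str) -> str:
    return address.rsplit("@", 1)[-1].lower()


def is_personal(address: str) -> bool:
    """True for a consumer-mail address outside the company domain."""
    d = domain_of(address)
    return d != COMPANY_DOMAIN and d in PERSONAL_DOMAINS


def personal_shares(csv_text: str) -> list:
    """Sharing events whose target is a personal inbox."""
    rows = csv.DictReader(io.StringIO(csv_text))
    return [r for r in rows if is_personal(r["target"])]


def personal_forwards(csv_text: str) -> list:
    """Auto-forward rules that deliver company mail to a personal inbox."""
    rows = csv.DictReader(io.StringIO(csv_text))
    return [r for r in rows if is_personal(r["forward_to"])]


def in_final_window(event_day: date, last_day: date) -> bool:
    """Event falls inside the leaver's final 30 days (last day inclusive)."""
    return last_day - timedelta(days=FINAL_WINDOW_DAYS) <= event_day <= last_day


def seam_report(shares_csv: str, forwards_csv: str, leavers: dict) -> dict:
    """Cluster personal-account seams per user and mark leaver-window hits."""
    report = defaultdict(lambda: {"shares": 0, "forwards": 0, "leaver_window": False})
    for ev in personal_shares(shares_csv):
        user = ev["actor"]
        report[user]["shares"] += 1
        last_day = leavers.get(user)
        if last_day and in_final_window(date.fromisoformat(ev["date"]), last_day):
            report[user]["leaver_window"] = True
    for rule in personal_forwards(forwards_csv):
        report[rule["user"]]["forwards"] += 1
    return dict(report)


if __name__ == "__main__":
    for user, seams in sorted(seam_report(SHARE_EVENTS_CSV, FORWARD_RULES_CSV, LEAVERS).items()):
        flag = " <- leaver, final 30 days" if seams["leaver_window"] else ""
        print(f"{user}: {seams['shares']} personal share(s), "
              f"{seams['forwards']} personal forward(s){flag}")
```

On the constructed rows the share to `partner@vendor.example` is external but not personal, so it stays out of the report; the point of the domain list is to separate ordinary B2B sharing from the personal layer. A user who both shares to and forwards to the same consumer inbox, as `ana@example.com` does here inside her final 30 days, is exactly the cluster the text says marks where the invisible layer is thickest, and the report is the input to the exit conversation rather than a replacement for it.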

let's start with a conversation

Most first conversations start with not quite knowing what you have or where to begin. That's normal, and it's exactly where we're useful.

Tell us what prompted this. An upcoming audit, an incident, a client's security questionnaire, or just a sense that things have gotten messy.

We'll take it from there

Julian Machowski
Head of Technical Sales
+48 783 762 997
julian@unshadowit.com