How a Global Healthcare Enterprise Drove Unsanctioned AI to Near Zero
Last updated: June 2026.
A global Fortune 200 healthcare technology enterprise used Aurascape to drive unsanctioned, long-tail AI access to near zero, keep AI use inside approved and licensed tools, and protect sensitive data across a workforce of more than 60,000 users. AI use is now near-universal across enterprises, with 88 percent of organizations using AI (Stanford HAI, 2026), so the security team’s task was not whether to allow AI, but how to govern it consistently at global scale.
This case study walks through the challenges this kind of enterprise faces, how an Aurascape deployment is sequenced, and the results of deploying Aurascape across a workforce of this size.
The challenge: a growing long tail of AI tools to govern as adoption scales
With more than 60,000 employees, new AI tools entered the organization faster and across more teams than any team could track by hand. New public AI applications, AI features embedded inside SaaS, and AI reached through personal or free-tier accounts kept arriving. Cataloguing and risk-scoring that flow called for a reliable, automated, and scalable approach rather than manual review.
The wider market shows why. AI use is spreading across functions, not concentrated in one team: more than two-thirds of organizations now use AI in more than one business function, and half use it in three or more (McKinsey, 2025). Governance has not kept pace. Only 38 percent of organizations have a formal, comprehensive AI policy, and one in four have none at all (ISACA, 2026).
The organization’s existing network and SaaS controls were built to govern destinations, not AI interactions, so visibility into how AI was being used was constrained by legacy security architecture limitations. This security-focused enterprise set out to get ahead of that gap before it became a blind spot. The team had three goals as AI use scaled. First, maintain a complete inventory of the AI apps and agents in use, so nothing stayed out of view. Second, keep AI use inside approved tools with enterprise licenses, rather than unsanctioned AI or tools accessed with personal accounts. Third, make sure sensitive data, including proprietary and confidential information, stayed protected as employees adopted AI.
| What the team set out to do | Why it is hard as AI use scales | What Aurascape provides |
|---|---|---|
| Maintain full visibility into AI use | The long tail of AI tools grows constantly and is invisible to destination-based network and SaaS controls | A complete, current inventory of AI apps and agents in use |
| Keep AI use in approved, licensed tools | Use can spread to personal accounts and free tiers outside sanctioned access | Enforcement that distinguishes approved enterprise tenants from personal accounts |
| Protect sensitive data as adoption grows | Prompt and response content is invisible to destination-based controls | Real-time, inline data classification and protection |
Phase one: a complete inventory of AI use
The rollout started with discovery. Before setting any policy, the team built a complete inventory of the AI apps and agents in use, including the embedded AI features arriving inside SaaS applications. Aurascape discovered known and long-tail AI across the network and running on devices, recognized brand-new AI applications and agents quickly, and attributed risk to each one based on its behavior, permissions, and data handling (Aurascape, 2026).
The result was a single, current catalog of AI use across the global workforce, turning an unknown and shifting set of tools into a ranked, governable inventory (Aurascape, 2026).
Phase two: control over how AI is used
With visibility established, the team moved to control. Aurascape distinguished approved enterprise tenants from personal accounts, redirected users to sanctioned tenants, and applied context-aware policy that could allow, coach, warn, block, or redact depending on the application, the user, and the data involved (Aurascape, 2026).
Blocking unsanctioned applications while routing users to approved, licensed tools brought long-tail AI access to near zero, and enforcing sanctioned access kept use inside licensed tools. Coaching users at the point of use kept adoption moving through the tools the organization sanctioned and purchased enterprise licenses for, resulting in effective spend while reducing risk.
Phase three: protection for sensitive data inline
The final step protected sensitive data where the risk increasingly lives, inside the interaction. Aurascape applied real-time, multimodal data classifiers to categorize and protect sensitive content, including proprietary and confidential data, with redaction and a low false-positive rate, while giving the team interaction records for audit and effectiveness, governed by role-based access control (RBAC) for privacy (Aurascape, 2026).
Combined with end-user coaching, those inline controls added certainty that sensitive data stayed protected even as AI adoption grew. Employees kept using AI for real work, with proprietary and confidential data governed at the point of interaction.
Results of deploying Aurascape
Deploying Aurascape across the global workforce produced the following outcomes.
| Outcome | Result | What it measures |
|---|---|---|
| Unsanctioned (long-tail) AI access | Reduced to near zero | AI use through unsanctioned tools after enforcement |
| Use outside licensed access | Reduced to near zero | AI use through personal or free-tier accounts versus sanctioned licenses |
| Sensitive-data exposure risk | Minimized | Proprietary and confidential data governed inline as AI use grew |
| AI use rollout | More than 60,000 users worldwide | Scale of governed AI use |
| United States users | More than 15,000 | Governed users in the United States |
| Global expansion | Latin America, Asia-Pacific, the UAE, and the EU | Regions brought under one governance model |
After the initial rollout to more than 60,000 users worldwide, including more than 15,000 in the United States, the enterprise extended the same governance model across Latin America, Asia-Pacific, the United Arab Emirates, and the European Union. Predictable pricing supported budgeting for a rollout at that scale.
Why this matters for healthcare AI governance
Aurascape combined discovery, usage control, and inline data protection, and stayed additive to the security stack the enterprise already ran (Aurascape, 2026).
That is what let a healthcare technology enterprise with more than 60,000 users expand AI adoption without expanding risk: get a complete inventory of the AI in use, govern how it is used, and protect sensitive data in the interaction path, under one model that scales across regions.
Frequently asked questions
How did the company reduce unsanctioned AI use?
It started by building a complete inventory of the AI apps in use, including the long tail, then enforced sanctioned-access policy that blocked unsanctioned applications and redirected users to approved enterprise tenants. Deploying Aurascape drove long-tail AI access to near zero.
Did blocking unsanctioned AI slow AI adoption?
No. The goal was secure adoption, not prohibition. Users were routed to approved enterprise tenants and coached at the point of use, so AI adoption continued and expanded across the enterprise’s global operations.
How does Aurascape protect sensitive data in healthcare AI use?
Aurascape categorizes and protects sensitive data inline using real-time, multimodal data classifiers, redaction, and context-aware policy, and provides interaction records for audit and effectiveness, governed by role-based access control (Aurascape, 2026).
How does Aurascape keep AI use within approved, licensed tools?
Aurascape distinguishes approved enterprise tenants from personal accounts and enforces sanctioned-access policy, so usage stays within licensed, approved tools. In this deployment, that kept AI use concentrated in sanctioned, licensed tools and use outside licensed access near zero.
Aurascape gives security teams one way to govern AI across the enterprise: discover the AI tools and agents in use, control how AI is used through approved tenants and context-aware policy, and protect sensitive data inline, all under a model that scales from a single team to a global workforce. For a healthcare technology enterprise adopting AI across regions, that meant faster, safer adoption without adding security gaps.
Aurascape Solutions
- Discover and monitor AI Get a clear picture of all AI activity.
- Safeguard AI use Secure data and compliancy in AI usage.
- Secure Agentic AI Secure how your teams use AI and build AI agents.
- Copilot readiness Prepare for and monitor AI Copilot use.
- Coding assistant guardrails Accelerate development, safely.
- Frictionless AI security Keep users and admins moving.