A survey commissioned by HP and Microsoft has found that 81% of Australian small and medium businesses using free generative AI tools regularly submit confidential company information through them, creating a stark data leakage and compliance risk. The findings, published Wednesday in the “From Hype to Help” report, also show that more than half of SMBs now use AI, yet most lack the skills and governance to do so safely.
What the HP/Microsoft Survey Uncovered
The study, which polled more than 500 business and IT decision-makers at Australian SMBs, paints a picture of rapid adoption coupled with dangerous habits. Among the key numbers:
- 58% of SMBs have adopted AI in some form—whether through paid enterprise tools or consumer-grade freeware.
- 88% want to use AI to streamline operations, with top uses cited as internal reporting, handling repetitive tasks, customer engagement, and hiring.
- Free tools dominate: 36% use the free version of ChatGPT, 32% use the free tier of Microsoft Copilot, and 35% use Google’s Gemini without a paid license.
- Of those relying on free AI, 81% admit they use it for tasks that involve confidential information—proprietary documents, customer lists, contracts, and similar sensitive material.
Brad Pulford, managing director of HP Australia and New Zealand, told the Australian Associated Press the exposure is “immensely concerning.” Short-term cost savings, he warned, could lead to “very severe consequences” including social engineering attacks and malware risks born from data freely fed into public models.
What This Means for Your Business
For Small Business Owners and Solopreneurs
If you or your staff regularly paste client names, addresses, financial details, or internal strategy documents into a free chatbot, assume that data is no longer private. Free AI services often reserve the right to use inputs for model training. Even when they claim not to, a misconfigured session or a future policy change can expose information. For a small firm, one leak—such as a proprietary pricing list appearing in a competitor’s AI-generated output—could be devastating.
For IT Administrators and MSPs
Shadow IT is back with a vengeance. Employees bypassing procurement to solve immediate problems with free tools creates an invisible data exfiltration channel that no firewall will catch. You need visibility into which AI services are being used, which data types are being submitted, and whether those services have contractual data protection. Traditional endpoint protection won’t help: the threat is text leaving your network inside an innocuous HTTPS connection.
For Compliance and Legal Roles
Australia’s regulatory posture is shifting. The federal government has already banned DeepSeek from government devices, and Treasurer Jim Chalmers confirmed in August that AI is a “national priority” with forthcoming legal analysis and regulation. When new rules arrive, companies that cannot demonstrate responsible AI use—including data classification and approved tool lists—may face compliance penalties or loss of business eligibility.
Why the Risk Is Even Larger Than It Looks
The survey’s numbers are worrying on their own, but they arrive in a threat environment that amplifies every mistake.
Windows 10 End-of-Life Creates a Multiplying Effect
Microsoft ends support for Windows 10 on October 14, 2025. After that date, devices not enrolled in the Extended Security Updates (ESU) program will stop receiving security patches. Many SMBs still run fleets of Windows 10 machines. Combine unpatched operating systems, older hardware lacking modern telemetry, and employees freely pasting confidential data into public AI tools, and you have a compound attack surface: attackers can exploit known OS flaws to gain a foothold, then harvest AI-pasted data from keylogs or browser caches.
AI-Specific Threats Are No Longer Theoretical
In June 2025, security researchers disclosed CVE-2025-32711, dubbed “EchoLeak,” a high-severity vulnerability in Microsoft 365 Copilot. The flaw showed how an attacker could manipulate the AI assistant to disclose internal data from its context—without any user click. Microsoft quickly released patches, but EchoLeak is not an isolated anomaly. It illustrates a new class of attack: prompt injection, zero-click exfiltration, and AI-amplified social engineering. Your traditional anti-phishing training did not prepare employees for an email that uses generative AI to mimic the CEO’s writing style perfectly and references a real contract just submitted to a free chatbot.
Skills, Not Just Budget, Are the Real Barrier
The survey identified skills shortages as the biggest barrier to safe AI adoption (53% of respondents), far outpacing budget concerns (15%). That means even when businesses want to do the right thing, they often lack the expertise to choose, configure, and govern enterprise-grade AI. Employees fill the vacuum with free tools because they work and nobody stopped them.
What to Do Now: A 90-Day Action Plan
The playbook is straightforward. Focus on reducing immediate risk, then build governance.
First 30 Days: Emergency Controls
- Inventory AI usage. Send a short survey or use network logs to identify which AI services are being accessed. Get a rough count of who is entering what kind of data.
- Issue an interim acceptable-use policy. Make it plain: “Do not paste confidential data into any free AI tool.” Provide examples of what counts—customer PII, financial projections, internal strategy docs. Have managers sign off on any exceptions.
- Enforce multi-factor authentication (MFA) everywhere. This limits the blast radius if credentials are leaked via an AI-assisted phishing campaign.
- Patch critical systems and assess Windows 10 status. Identify devices that cannot be upgraded and enrol them in ESU if they hold sensitive data. Microsoft’s Extended Security Updates can buy you up to three additional years of patches, but at a cost that scales each year.
Next 60 Days: Hardening and Training
- Move sensitive workflows to enterprise AI. For any task involving confidential data, switch to paid tiers that offer contractual data protection, non-training commitments, audit logs, and admin controls. Microsoft 365 Copilot with commercial data protection, ChatGPT Enterprise, or Google Workspace’s paid Gemini plans are examples.
- Segment your network. Prevent legacy Windows 10 endpoints from reaching critical servers or cloud admin consoles without a jump host. Limit outbound access for those endpoints to only necessary services.
- Deploy role-specific training. Short modules, not annual compliance videos: show staff exactly what “confidential” means, demonstrate a real prompt injection example, and set up a simple reporting path for suspected leaks. Browser extensions or web proxy warnings can nudge users away from known public AI sites.
- Review vendor data clauses. When procuring any AI service, demand explicit language that your inputs will not be used for training, that data residency requirements are met, and that incident reporting timelines are contractual.
Longer Term: Governance and Migration
- Formalize AI governance by year-end. Create an approved tool list, data classification labels (public, internal, confidential, restricted), and a red-team process for testing AI pipelines before deployment.
- Migrate off Windows 10. ESU is a stopgap, not a strategy. Plan hardware refreshes to run Windows 11, which includes modern security features like Virtualization-Based Security and more granular telemetry.
Outlook: Regulation and the Vendor Ecosystem Are Moving Fast
The Australian government’s legal analysis of AI regulations is ongoing, and the Productivity Commission’s framing suggests a “middle-path” approach—mandatory guardrails without stifling innovation. Businesses should expect procurement rules to tighten, similar to the DeepSeek ban, and they should plan to meet baseline governance standards rather than hope for permissiveness.
Meanwhile, vendors are scaling their local presence. OpenAI announced plans for an Australian office in 2025, and both Microsoft and HP are heavily promoting enterprise Copilot and managed services. This creates a window: SMBs that engage now can negotiate better terms and build secure foundations before regulation forces their hand.
The next 90 days are decisive. Every business that takes the steps above—starting with a blunt conversation about what’s being pasted into free chatbots—will capture genuine AI productivity gains without walking blindfolded into a breach.