Security controls being configured for a Claude Cowork deployment
Claude Cowork guide · Security

Claude Cowork security, from people who carry the risk.

We are an MSP: we run the firewalls, the identity, and the compliance for the same clients we deploy Claude for. Here is what Cowork can and cannot touch, what Anthropic does with your data, and the five-part governance setup that makes it safe.

Updated July 2026 · Maintained by the Wellforce AI Practice
The short answer

The tool is governable. The rollout decides.

Claude Cowork is safe for business data when it runs on a business plan with basic rules. On Claude Team and Enterprise, your data is not used for model training by default. Cowork only works in folders you scope for it, and it shows its plan before working and its changes after.

The real risk we find in assessments is not the tool. It is the unmanaged alternative: staff already pasting donor lists and client documents into personal free accounts because the organization gave them nothing official. Governance beats prohibition, and it fits on one page.

Platform controls

What Anthropic's business plans give you

The first three come with any proper business deployment. The last three are why regulated teams buy Enterprise.

No training on your data by default

On Claude Team and Enterprise plans, your prompts and files are not used to train models by default. This is the baseline that makes business use viable.

Folder-scoped access

Cowork works in the folders you give it, not your whole machine. Access starts narrow and widens only as your rules allow.

Plan-first, review-after

It shows its intended steps before working and what changed after. Nothing ships without a human deciding it ships.

Enterprise identity controls

Claude Enterprise adds single sign-on, role-based access, and custom roles, so seats follow your identity system instead of shared passwords.

Audit logs and spend limits

Enterprise adds audit logs and group spend limits: who did what, and no surprise invoices. This is what law firms and regulated teams deploy on.

HIPAA option with a BAA

For healthcare-adjacent work, Enterprise offers a HIPAA configuration with a signed Business Associate Agreement.

Our standard setup

The five-part governance we deploy every time

This is what "set up safely" means in every Wellforce engagement, nonprofit or law firm alike.

Data map before go-live

We list what is safe for Cowork to touch and what never is: donor SSNs, client matters under protective order, student records, payroll. Written down, not assumed.

Scoped folders and connectors

Access is granted per workflow, not tenant-wide. The grant-writing folder, not the whole shared drive. Two or three connectors, each locked to what the workflow needs.

The one-page AI use policy

Plain language: what data is allowed, what never gets pasted or connected, when to disclose AI help. Signed before the first training session ends.

Identity done right

Work accounts only, MFA on, SSO where the plan supports it, offboarding wired into the same checklist as every other system we manage.

Review cadence

Day-30 access check on every engagement; monthly access and audit-log reviews and a quarterly tune-up under optional Managed Claude.

Watch for these

The five failure modes we actually see

None of these are exotic. All of them are preventable with the setup above.

Shadow AI: staff pasting sensitive data into personal free-tier accounts because the org gave them nothing official. The unmanaged path is the dangerous one.

Over-scoping on day one: pointing an agent at the entire shared drive before anyone wrote a data rule.

Shared logins: one "ai@yourorg.com" account everyone uses, so access can never be revoked per person or audited.

No offboarding step: an ex-employee's seat, connectors, and files still live weeks after departure.

Silent adoption: no disclosure norms, so nobody knows which deliverables had AI help when a funder or client asks.

Handling confidential client work? The legal-grade version of this setup is covered in Claude Cowork for law firms and delivered by Claude for Legal.

Questions

Security and privacy, answered

Is Claude Cowork safe for business data?
Yes, when deployed on the right plan with basic governance. Claude Team and Enterprise do not use your data for model training by default, Cowork's file access is scoped to folders you choose, and it shows its plan and its changes for human review. The honest caveat: the tool is only half of safety. The other half is your rules — what data it may touch, who has seats, and how access is reviewed.
Does Anthropic train its models on our files?
Not on Claude Team or Enterprise plans by default: business data is excluded from model training. This is a primary reason we deploy organizations on Team rather than letting staff use personal accounts, where consumer settings and habits vary.
Can Claude Cowork access our whole computer or network?
No. It works in the folders and connectors you grant. Our deployments start with a single project folder per workflow and widen only after the data policy is signed. The failure mode to avoid is human, not technical: an admin granting the whole shared drive on day one because it was convenient.
What do law firms and healthcare-adjacent teams need?
Claude Enterprise: single sign-on, role-based access, audit logs, custom retention, and a HIPAA option with a signed BAA. Our legal deployments (from $3,500 flat) set those controls up and verify the audit trail at day 30. See Claude for Legal for the full bundle.
Is it safer to just ban AI tools?
In practice, no. Bans do not stop usage; they move it to personal accounts on personal devices where you have zero visibility, zero controls, and zero audit trail. Every organization we assess already has staff using AI quietly. A governed rollout with a clear policy is how you actually reduce risk.
What does a governed rollout cost?
Governance is not an add-on; it is built into our flat implementation fee ($2,500 to $9,500 depending on seats and controls): the data map, scoped access, the one-page policy, identity setup, and the day-30 review are all standard. Ongoing monthly reviews are available as optional Managed Claude.
Want this done for you?

We install Claude Cowork for teams in DC & Raleigh

Design, setup, connected tools, hands-on training, and a one-page AI policy. Live in two weeks, from $2,500 flat. Nonprofit pricing available.