// SECURITY_BRIEFING
A practical security guide for Claude, Claude Code, and Cowork — covering account types, data handling, compliance, and what your organization needs to get right.
Enterprise Guide // February 2026
CORE_PRINCIPLE
Not your settings. Not your workflow. Not the tool you're using. The account type determines whether your data is used for model training.
Commercial Plans
Enterprise, Team, API — your data is never used for training. Full stop.
Consumer Plans
Free, Pro, Max — your data is used for training by default since Sept 2025.
RISK_SPECTRUM
Training ON by default · No admin controls · No SSO
No training · Basic admin · No SSO or audit logs
No training · Full admin + SSO · Audit logs + ZDR
No training · 7-day retention · Provider-managed
Claude Code follows the account, not the tool. Claude Code on a consumer account follows consumer training policies. The tool doesn't change the rules — the account does.
CONSUMER_RISK
Since Sept 28, 2025, all consumer accounts train on your data unless you manually opt out.
With training enabled, inputs and outputs may be retained for up to 5 years. Even with opt-out: 30 days.
No centralized controls. No audit logs. No SSO. No way to know what employees are sending.
Verdict: Not suitable for any work involving sensitive or proprietary data.
OPT-OUT: Settings → Privacy → Model Training → Toggle OFF (stops future training only)
TEAM_ANALYSIS
What You Get
What You Don't Get
PRICING: $20–30/user/mo (standard) · $150/user/mo (premium w/ Claude Code)
ENTERPRISE_GRADE
Access & Identity
Data Protection
Monitoring & Compliance
PRICING: Custom, usage-based · SOC 2 report available under NDA · SOC 3 summary is public
RETENTION_LOG
| Account Type | Default Retention | Training? | Key Detail |
|---|---|---|---|
| Free / Pro / Max (training on) | Up to 5 years | Yes | Default since Sept 28, 2025 |
| Free / Pro / Max (training off) | 30 days | No | Must manually opt out |
| Team | 30 days | No | Limited admin controls |
| Enterprise | Configurable (min 30d) | No | ZDR option available |
| API | 7 days | No | 30-day option via DPA |
| Bedrock / Vertex AI | ~30 days | No | Provider-managed |
Safety-flagged content: retained 2 years (all plans). Classification scores: 7 years. Deletions: midnight UTC, permanent.
CLAUDE_CODE
A command-line tool that lets developers delegate coding tasks directly from the terminal. It reads code, suggests edits, and can execute commands.
How It Works
Admin Controls (since Aug 2025)
CODE_SECURITY
Watch For
Built-In Protections
Key rule: Always use Enterprise or Team premium seats for Claude Code — never consumer accounts. The account determines the data policy.
COWORK_PREVIEW
Launched as a Research Preview in January 2026. Extends Claude into an enterprise productivity platform.
What It Offers
Known Vulnerability
Oct 2025: Files API vulnerability reported — potential data exfiltration via prompt injection. Anthropic acknowledged. Fix planned, timing unclear.
Recommendation: Do not connect Cowork to sensitive systems until the vulnerability is fixed and the fix is independently verified.
MEMORY_COMPLIANCE
Memory (Dec 2025)
Certifications
SOC 2 detail under Enterprise NDA. SOC 3 summary is public.
CONSUMER_TRAP
SEPT 28, 2025
ANTHROPIC CHANGED CONSUMER PLAN DEFAULTS. TRAINING IS NOW ON BY DEFAULT.
Even with opt-out: Consumer accounts still retain data for 30 days with no admin visibility, no audit logs, and no centralized control. The only real fix is migration to commercial accounts.
GREENFIELD_DEPLOY
Choose Enterprise or API accounts.
Do not use Free, Pro, or Max for any work involving sensitive data.
Don't assume Team is enough.
It lacks SSO, audit logs, and custom retention. For regulated industries, go Enterprise.
Enable SSO and SCIM immediately.
SAML 2.0 and OIDC are supported. Control access from day one.
Set retention policies to match compliance requirements.
Use Zero-Data-Retention if you're in a heavily regulated industry.
EXISTING_AUDIT
Audit for unauthorized usage.
Consumer accounts, Chrome extensions, personal API keys — find them all.
Mandate training opt-out immediately.
Settings → Privacy → Model Training → Toggle Off. This stops future training only.
Block the Chrome extension if policy prohibits unsanctioned AI.
Deploy via MDM or browser management policies.
Migrate to approved Enterprise accounts.
The only way to get full visibility and centralized control.
DEPLOYMENT_GUIDE
Claude Code
Cowork (when ready)
Cowork is still in Research Preview. Treat as early-stage.
SECURITY_HYGIENE
Monitor
Review
Stay Current
Coming soon: Bring Your Own Key (BYOK) encryption expected H1 2026. Plan your key management strategy now.
DECISION_TREE
| Question | Status | Action |
|---|---|---|
| On Enterprise or API? | Safe | Configure retention and security features. |
| On a Team plan? | Partial | Not trained, but lacks SSO, audit logs, custom retention. |
| On Free, Pro, or Max? | At Risk | Check Settings → Privacy → Training. If ON, turn off now. |
| Using Claude Code? | — | Account type determines the policy, not the tool. |
| AWS Bedrock / Vertex AI? | Safe | Security managed by your cloud provider. |
// END_TRANSMISSION
Account type is everything.
Commercial plans protect your data. Consumer plans don't — by default.
Enterprise is the standard.
Team is better than consumer, but only Enterprise gives you real control.
Audit now, not later.
If employees are on consumer plans, data may already be in Anthropic's training pipeline.
Enterprise Claude Security Guide // February 2026