// SECURITY_BRIEFING

Protecting Your Data When Using Claude

A practical security guide for Claude, Claude Code, and Cowork — covering account types, data handling, compliance, and what your organization needs to get right.

Enterprise Guide // February 2026

CORE_PRINCIPLE

Account Type Is Everything

The single biggest factor in protecting your data: your account type.

Not your settings. Not your workflow. Not the tool you're using. The account type determines whether your data is used for model training.

Commercial Plans

Enterprise, Team, API — your data is never used for training. Full stop.

Consumer Plans

Free, Pro, Max — your data is used for training by default since Sept 2025.

RISK_SPECTRUM

The Security Spectrum

Risk: Free / Pro / Max

  • Training ON by default
  • No admin controls
  • No SSO

Partial: Team

  • No training
  • Basic admin
  • No SSO or audit logs

Safe: Enterprise

  • No training
  • Full admin + SSO
  • Audit logs + ZDR

Safe: API / Cloud

  • No training
  • 7-day retention
  • Provider-managed

Claude Code follows the account, not the tool. Claude Code on a consumer account follows consumer training policies. The tool doesn't change the rules — the account does.

CONSUMER_RISK

Consumer Plans Are Not Enterprise-Ready

01. Training ON by Default

Since Sept 28, 2025 all consumer accounts train on your data unless manually opted out.

02. Retention: Up to 5 Years

With training enabled, inputs and outputs may be retained for up to 5 years. Even with opt-out: 30 days.

03. Zero Admin Visibility

No centralized controls. No audit logs. No SSO. No way to know what employees are sending.

Verdict: Not suitable for any work involving sensitive or proprietary data.

OPT-OUT: Settings → Privacy → Model Training → Toggle OFF (stops future training only)

TEAM_ANALYSIS

Team Plan: Mind the Gaps

What You Get

  • Data is NOT used for training
  • 30-day default retention
  • Centralized admin dashboard
  • Granular spend controls
  • Usage analytics

What You Don't Get

  • No SSO (SAML/OIDC)
  • No SCIM provisioning
  • No audit logs
  • No custom retention policies
  • No zero-data-retention option

PRICING: $20–30/user/mo (standard) · $150/user/mo (premium w/ Claude Code)

ENTERPRISE_GRADE

Enterprise: The Right Choice

Access & Identity

  • SAML 2.0 / OIDC SSO
  • SCIM user provisioning
  • Full admin controls
  • Network isolation (PSC)

Data Protection

  • Never used for training
  • Configurable retention
  • Zero-Data-Retention option
  • AES-256 at rest, TLS 1.2+
  • BYOK coming H1 2026

Monitoring & Compliance

  • Full audit logs
  • Compliance API
  • SOC 2 Type II
  • ISO 27001
  • HIPAA / GDPR compliant

PRICING: Custom, usage-based · SOC 2 report available under NDA · SOC 3 summary is public

RETENTION_LOG

How Long Is Your Data Kept?

Account Type | Default Retention | Training? | Key Detail
Free / Pro / Max (training on) | Up to 5 years | Yes | Default since Sept 28, 2025
Free / Pro / Max (training off) | 30 days | No | Must manually opt out
Team | 30 days | No | Limited admin controls
Enterprise | Configurable (min 30d) | No | ZDR option available
API | 7 days | No | 30-day option via DPA
Bedrock / Vertex AI | ~30 days | No | Provider-managed

Safety-flagged content: retained 2 years (all plans). Classification scores: 7 years. Deletions: midnight UTC, permanent.

CLAUDE_CODE

Claude Code: What Leadership Needs to Know

A command-line tool that lets developers delegate coding tasks directly from the terminal. It reads code, suggests edits, and can execute commands.

How It Works

  • Requires access to your codebase
  • Default mode is read-only
  • Edits require explicit approval
  • Commands run in sandboxed environments
  • Cloud sessions run in isolated VMs

Admin Controls (since Aug 2025)

  • Managed permissions & file access
  • GitHub Action for CI/CD scanning
  • Usage analytics (lines accepted)
  • MCP server connection governance
  • Security scanning (Feb 2026 beta)

CODE_SECURITY

Claude Code Security

Watch For

  • Codebase access — Understand what you're exposing. Scope access appropriately.
  • MCP connections — Each connection extends Claude's reach into other systems. Audit every one.

Built-In Protections

  • Human-in-the-loop (default ON) — Code changes and executions require explicit approval. Do not override.
  • Security scanning — Context-aware vulnerability detection. Found 500+ high-severity vulns in testing.

Key rule: Always use Enterprise or Team premium seats for Claude Code — never consumer accounts. The account determines the data policy.

COWORK_PREVIEW

Cowork: Proceed with Caution

Launched as a Research Preview in January 2026. Extends Claude into an enterprise productivity platform.

What It Offers

  • Prebuilt templates: HR, finance, engineering, legal
  • MCP connectors to Drive, Gmail, DocuSign, FactSet
  • Private plugin marketplaces
  • Context passing to Excel & PowerPoint

Known Vulnerability

Oct 2025: Files API vulnerability reported — potential data exfiltration via prompt injection. Anthropic acknowledged. Fix planned, timing unclear.

Recommendation: Do not connect Cowork to sensitive systems until the vulnerability is resolved and the fix independently verified.

MEMORY_COMPLIANCE

Memory Features & Certifications

Memory (Dec 2025)

  • Project-based contexts across conversations
  • Opt-in and fully user-controlled
  • Users can view, edit, and delete memories
  • Never used for training without consent
  • Portable — exportable to other tools
  • Incognito mode disables memory entirely

Certifications

  • SOC 2 Type II — Audit completed
  • ISO 27001 — Certified
  • HIPAA — Compliant w/ configuration
  • GDPR — Compliant
  • EU Digital Services Act — Aligned

SOC 2 detail under Enterprise NDA. SOC 3 summary is public.

CONSUMER_TRAP

The Consumer Plan Trap

SEPT 28, 2025

ANTHROPIC CHANGED CONSUMER PLAN DEFAULTS. TRAINING IS NOW ON BY DEFAULT.

Every employee on a Free, Pro, or Max account who didn't disable training has been feeding data into Anthropic's training pipeline — for months.

Even with opt-out: Consumer accounts still retain data for 30 days with no admin visibility, no audit logs, and no centralized control. The only real fix is migration to commercial accounts.

GREENFIELD_DEPLOY

If You're Starting From Scratch

01. Choose Enterprise or API accounts.

Do not use Free, Pro, or Max for any work involving sensitive data.

02. Don't assume Team is enough.

It lacks SSO, audit logs, and custom retention. For regulated industries, go Enterprise.

03. Enable SSO and SCIM immediately.

SAML 2.0 and OIDC are supported. Control access from day one.

04. Set retention policies to match compliance requirements.

Use Zero-Data-Retention if you're in a heavily regulated industry.

EXISTING_AUDIT

If Employees Are Already Using Claude

01. Audit for unauthorized usage.

Consumer accounts, Chrome extensions, personal API keys — find them all.

02. Mandate training opt-out immediately.

Settings → Privacy → Model Training → Toggle Off. This stops future training only.

03. Block the Chrome extension if policy prohibits unsanctioned AI.

Deploy via MDM or browser management policies.

04. Migrate to approved Enterprise accounts.

The only way to get full visibility and centralized control.

DEPLOYMENT_GUIDE

Code & Cowork Deployments

Claude Code

  • Use Enterprise or Team premium seats — never consumer
  • Audit all MCP server connections
  • Keep human-in-the-loop defaults
  • Use sandboxed environments for testing
  • Scope codebase access appropriately

Cowork (when ready)

  • Wait for the prompt injection fix first
  • Start with low-risk use cases
  • Audit every MCP connector before enabling
  • Use private plugin marketplaces

Cowork is still in Research Preview. Treat as early-stage.

SECURITY_HYGIENE

Keep It Going

Monitor

  • Review audit logs regularly
  • Use Compliance API for continuous monitoring
  • Watch for unauthorized consumer account usage

Review

  • Update retention policies quarterly
  • Re-audit MCP connections after changes
  • Review codebase access scope

Stay Current

  • Train employees on approved usage
  • Track Anthropic's policy announcements
  • Terms changed twice in 2025 — expect more

Coming soon: Bring Your Own Key (BYOK) encryption expected H1 2026. Plan your key management strategy now.

DECISION_TREE

Is Your Data Safe?

Question | Status | Action
On Enterprise or API? | Safe | Configure retention and security features.
On a Team plan? | Partial | Not trained, but lacks SSO, audit logs, custom retention.
On Free, Pro, or Max? | At Risk | Check Settings → Privacy → Training. If ON, turn off now.
Using Claude Code? | | Account type determines the policy, not the tool.
AWS Bedrock / Vertex AI? | Safe | Security managed by your cloud provider.

// END_TRANSMISSION

Three Things to Take Away

1. Account type is everything.

Commercial plans protect your data. Consumer plans don't — by default.

2. Enterprise is the standard.

Team is better than consumer, but only Enterprise gives you real control.

3. Audit now, not later.

If employees are on consumer plans, data may already be in Anthropic's training pipeline.

Enterprise Claude Security Guide // February 2026
