How to Set Up and Secure Your Claude for Work Account: A Step-by-Step Guide for Business Owners

A step-by-step guide to setting up Claude for Work securely — SSO with Microsoft or Google, connector controls, desktop extension allowlist, data privacy settings, and role-based access.
Mar 25, 2026

If your business is adopting Claude — Anthropic's AI assistant — for your team, getting the account set up correctly from the start is one of the most important things you can do. An improperly configured Claude for Work deployment can expose your confidential business data, allow employees to connect unauthorized third-party applications, and leave your organization vulnerable to the same "shadow AI" risks that security teams are increasingly worried about.

This guide is written for business owners who want to deploy Claude for Work the right way. We have flagged every step that requires technical expertise so you know exactly when to loop in your IT provider — and what to ask them to do.

This guide covers Claude for Work on the Team and Enterprise plans (claude.ai). If you are using the free, Pro, or Max consumer plans, different — and weaker — data privacy defaults apply. See the data training section below for why this matters.

Step 1: Creating Your Claude for Work Organization

What You Need Before You Start

Before signing up, have these ready:

  • A business email domain you control (e.g., yourcompany.com)
  • Your IT provider's contact info — you will need them for the SSO and DNS steps
  • Your company's identity system: Microsoft 365 / Entra ID or Google Workspace admin credentials
  • A plan decision: Team ($25–$30/user/month) covers most businesses; Enterprise (custom pricing) adds SCIM provisioning, compliance API, and IP allowlisting

Creating the Organization

✅  YOU CAN DO THIS: Signing up and creating your organization at claude.ai is straightforward — no technical knowledge required. Just use your business email.

Navigate to claude.ai and select "Create a Team." During setup you will designate a Primary Owner — the single account with full organizational control. This should be an IT administrator or a named business owner, not a shared inbox or a departing employee's account.

⚠️  There is only one Primary Owner per organization. Choose this account carefully. Ownership can be transferred later but requires deliberate action. The Primary Owner can export all member data, manage billing, and configure every security setting.

Understanding Roles

✅  YOU CAN DO THIS: Assigning roles to team members is done through the admin dashboard — you are simply choosing from a dropdown menu.

Claude for Work uses a role-based structure. Assigning roles correctly from day one limits your exposure if an account is compromised:

  • Primary Owner — Full organizational control, billing, SSO configuration, and all security settings. Only one per organization.
  • Owner / Admin — Can manage members, configure security policies, approve connector requests, and adjust organization settings. Assign to your IT admin or operations leads.
  • Member — Standard Claude usage with no configuration rights. Appropriate for the majority of your staff.

Assign the minimum role necessary for each user's job. An employee who only needs Claude for writing and research has no need for Admin access.

Step 2: Setting Up Single Sign-On (SSO)

Why SSO Matters for Business Security

Single Sign-On is one of the most important security controls you can enable for any tool your team uses. Here is why it should be a priority:

  • Instant offboarding — When an employee leaves and their account is disabled in Microsoft or Google, their Claude access is automatically revoked too. Without SSO, you must remember to remove them manually from every platform.
  • Centralized MFA enforcement — SSO enforces your existing multi-factor authentication policies on Claude automatically — no extra setup required.
  • Streamlined onboarding — With Just-in-Time provisioning, new employees get Claude access automatically on first login, without you sending individual invitations.

🔧  NEEDS IT HELP: SSO setup requires access to your Microsoft Entra ID (Azure AD) or Google Workspace admin console, the ability to create enterprise app registrations, and editing DNS records. Hand this section to your IT provider with the instructions below.

How Claude SSO Works (Background for Your IT Provider)

Claude uses WorkOS as its underlying provider for domain verification and SSO. It supports SAML 2.0 and OIDC, making it compatible with Microsoft Entra ID, Google Workspace, Okta, Ping Identity, and most modern enterprise Identity Providers. SSO operates through a "parent organization" that stores your SSO settings and can be shared across multiple Claude organizations.

Setting Up SSO with Microsoft Entra ID (Azure AD)

🔧  NEEDS IT HELP: All steps in this section require Microsoft Entra ID admin access and DNS management rights. Your IT provider should own this process end-to-end.

Step 1: Verify your domain in Claude — Navigate to Organization Settings > Identity and Access > Domains. Add your company domain and copy the DNS TXT verification record provided.

Step 2: Add the DNS TXT record — Log in to your DNS provider and add the TXT record. Verification typically takes 5–15 minutes.

Step 3: Configure SSO in Claude — Go to Organization Settings > Identity and Access > Single Sign-On. Select Microsoft Entra ID and follow the WorkOS guided setup. Create an enterprise application in Entra and provide the metadata URL or upload the metadata XML.

Step 4: Configure in Microsoft Entra ID — In the Entra admin center, create a new Enterprise Application for Claude. Provide the ACS URL and Entity ID from Claude's setup flow. Assign the app to the relevant users or groups.

Step 5: Test with a non-admin account — Before enforcing SSO organization-wide, test the flow with a standard employee account to confirm everything works.

Step 6: Enable 'Require SSO for Claude' — Toggle on Require SSO in Claude's admin settings. This prevents any member from logging in with a username and password — all logins must go through your IdP.

⚠️  Enabling 'Require SSO for Claude' will lock out any employees not yet assigned to the Claude enterprise app in your IdP. Notify all employees and confirm assignments in Entra before flipping this switch.
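
For your IT provider, a pre-flight check for the warning above. This is an added example, not part of the original guide and not Anthropic or Microsoft tooling: it compares your Claude member list with the users and groups assigned to the Claude enterprise app in Entra and lists who would be locked out once 'Require SSO for Claude' is on. The CSV layouts, column names, group name and sample addresses are constructed assumptions; map them to your own exports.

```python
import csv
import io

# Constructed sample exports (not real data). The column names are assumptions;
# map them to whatever your Claude member list and Entra exports contain.
CLAUDE_MEMBERS_CSV = """email,role
owner@yourcompany.com,Primary Owner
it.admin@yourcompany.com,Admin
alice@yourcompany.com,Member
Bob@YourCompany.com,Member
carol@yourcompany.com,Member
contractor@gmail.com,Member
"""

# Users and groups assigned to the Claude enterprise application in Entra.
ENTRA_ASSIGNMENTS_CSV = """principal,type
it.admin@yourcompany.com,User
claude-users,Group
"""

# Direct members of each assigned group. Entra does not extend app assignment
# to nested groups, so only direct membership is counted here.
ENTRA_GROUP_MEMBERS_CSV = """group,member
claude-users,alice@yourcompany.com
claude-users,bob@yourcompany.com
claude-users,dave@yourcompany.com
"""

PRIVILEGED_ROLES = {"primary owner", "owner", "admin"}


def _rows(text):
    return list(csv.DictReader(io.StringIO(text.strip())))


def _norm(value):
    # Comparisons must ignore case and stray whitespace.
    return value.strip().lower()


def preflight(members_csv, assignments_csv, group_members_csv, verified_domains):
    """Report who would be locked out if 'Require SSO' were enabled now."""
    members = {_norm(r["email"]): _norm(r["role"]) for r in _rows(members_csv)}

    assigned, groups = set(), set()
    for r in _rows(assignments_csv):
        if _norm(r["type"]) == "group":
            groups.add(_norm(r["principal"]))
        else:
            assigned.add(_norm(r["principal"]))
    for r in _rows(group_members_csv):
        if _norm(r["group"]) in groups:
            assigned.add(_norm(r["member"]))

    domains = {_norm(d) for d in verified_domains}
    locked_out = sorted(e for e in members if e not in assigned)
    return {
        # Claude members with no assignment in the IdP: they lose access.
        "locked_out": locked_out,
        # Owners and Admins in that list: fix these before anything else.
        "privileged_locked_out": [e for e in locked_out
                                  if members[e] in PRIVILEGED_ROLES],
        # Members outside the verified domain: review against domain restrictions.
        "outside_domain": sorted(e for e in members
                                 if e.rpartition("@")[2] not in domains),
        # Assigned in Entra but not yet in Claude: they get access on first
        # login if Just-in-Time provisioning is in use.
        "not_yet_members": sorted(assigned - set(members)),
        "safe_to_enforce": not locked_out,
    }


if __name__ == "__main__":
    report = preflight(CLAUDE_MEMBERS_CSV, ENTRA_ASSIGNMENTS_CSV,
                       ENTRA_GROUP_MEMBERS_CSV, ["yourcompany.com"])
    for key, value in report.items():
        print(f"{key}: {value}")
```

In the constructed sample the Primary Owner is not assigned to the app, which is exactly the case to catch before the toggle is flipped.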

Setting Up SSO with Google Workspace

🔧  NEEDS IT HELP: Google Workspace SSO requires Google Admin Console access and the ability to create SAML app registrations. Your IT provider should handle this.

In Claude's admin settings, select Google Workspace as your Identity Provider. You will use SAML 2.0 to connect. In the Google Admin Console, navigate to Apps > Web and Mobile Apps, add a custom SAML app, and enter the ACS URL and Entity ID from Claude's setup. Download the Google IdP metadata and upload it to Claude. Assign the app to the appropriate organizational units or groups, then test and enforce.

Lock Down Organization Creation — After Domain Is Verified

Once your domain is verified (the IT step above is complete), there is a simple toggle you can enable yourself:

✅  YOU CAN DO THIS: The 'Restrict Organization Creation' toggle lives in Organization Settings > Identity and Access > Security. Once your domain is verified, you can flip this on yourself — no technical knowledge required.

This toggle prevents any employee from creating a separate personal Claude account or shadow organization using your company email domain. Without it, a staff member could spin up their own unmanaged Claude workspace with their work email — entirely outside your security controls.

⚠️  This toggle only appears after your domain has been verified via DNS. If you do not see it yet, the DNS verification step has not been completed. Ask your IT provider to complete Step 1 of the SSO setup above first.

Step 3: Controlling Who Can Join and Invite

✅  YOU CAN DO THIS: Both settings in this section are simple dropdowns in Organization Settings — no technical knowledge required.

Invite Approval Settings

By default on Team plans, any member can invite new teammates and the invite is sent automatically without admin review. Change the new member approval setting to "Approve one-by-one" under Organization Settings > Organization. With this on, invitations go to an admin for review before the email is ever sent — giving you a gate against accidental access by contractors or former employees.

Domain Restrictions

Configure allowed domains so only email addresses matching your verified company domain(s) can join the organization. Even if an invitation is accidentally sent to an outside email, the recipient will be unable to join your workspace.

Step 4: Managing Connectors — The Control Most Businesses Miss

What Connectors Are and Why They Matter

Connectors are integrations that allow Claude to access data from external platforms — Microsoft 365, Google Drive, Slack, and a growing catalog of other tools. When active, Claude can read emails, search documents, and pull information from connected systems to give your team more relevant answers.

This is genuinely valuable. But without oversight, employees can connect Claude to third-party services your IT team has not reviewed or approved — creating shadow IT risk.

⚠️  On Team plans, the connector catalog is open by default. Any member can enable connectors without admin approval. If you have not reviewed connector settings, employees may already be connecting Claude to tools you have not authorized.

✅  YOU CAN DO THIS: Restricting the connector catalog is done in Organization Settings > Connectors — you are toggling things on or off. The Microsoft 365 connector setup, however, requires IT help (see below).

Setting Up the Microsoft 365 Connector — The Right Way

🔧  NEEDS IT HELP: Enabling the Microsoft 365 connector requires a Microsoft Entra Global Administrator to complete an organization-wide consent flow. This is not something a standard user can do. Your IT provider must complete step 2 below.

  1. A Claude Owner navigates to Organization Settings > Connectors > Browse Connectors and adds Microsoft 365. Until this step, no user has access.
  2. (IT Required) A Microsoft Entra Global Administrator completes a one-time consent flow, authenticating with their Microsoft credentials and granting permissions on behalf of the entire tenant.
  3. After the Global Administrator completes org-wide consent, individual users connect their own Microsoft 365 accounts in their personal Settings > Connectors.

To restrict which employees can use the connector after setup, your IT provider should navigate to the M365 MCP Server enterprise application in Entra Admin Center, set "Assignment required?" to Yes, and assign only approved users or groups.

The Microsoft 365 connector is read-only — Claude can search and retrieve emails, SharePoint files, and Teams messages, but cannot send emails, create documents, or post messages.

General Connector Governance (You Can Do This)

✅  YOU CAN DO THIS: Reviewing and disabling unused connectors in the admin dashboard is a straightforward task. Think of it like reviewing which apps have access to your Google account.

  • Review permissions first — Before enabling any connector, understand what data it can access.
  • Prefer read-only — Favor connectors that are read-only. Be cautious about any connector that can create, modify, or delete data.
  • Maintain an approved list — Keep a record of which connectors are enabled. Review quarterly.
  • Remove unused connectors — Only enable connectors your team is actively using.

Step 4b: The Desktop Extension Allowlist — An Important Default You Need to Know About

What Desktop Extensions Are

Desktop extensions (also called MCP Bundles or MCPBs) are integrations that run directly on an employee's computer through the Claude Desktop app. They can connect Claude to local files, internal tools, databases, and other systems on the employee's machine. Think of them as plug-ins for the desktop version of Claude.

Common examples include extensions that let Claude read local files, connect to a company database, or integrate with developer tools. They are powerful — and that power means they deserve deliberate governance.

The Critical Default You Need to Change

⚠️  The desktop extension allowlist is OFF by default. Until you turn it on, employees can install any extension from the public registry without admin approval. This is one of the most important settings to address early.

This is the opposite of what most business owners would expect. With the allowlist disabled, your employees have unrestricted access to any publicly available desktop extension — including ones your IT team has never reviewed. Enabling the allowlist immediately locks this down and puts you in control.

Enabling and Configuring the Allowlist

✅  YOU CAN DO THIS: Enabling the allowlist and approving specific extensions is done entirely in the admin dashboard under Organization Settings > Connectors > Desktop tab. No technical knowledge required — you are simply toggling the allowlist on and then clicking 'Add to your team' for the extensions you want to permit.

Here is how to set it up:

  1. Navigate to Organization Settings > Connectors and select the Desktop tab.
  2. Enable the allowlist toggle. The moment this is on, all desktop extensions are blocked by default — employees cannot install anything until you explicitly approve it.
  3. Click 'Browse extensions' to view available extensions from the public registry.
  4. Review each extension, understand what it accesses, and click 'Add to your team' for any you want to permit.
  5. Review and remove any extensions your team no longer uses.

Your organization can also upload custom extensions — for example, an internal tool built specifically for your workflows — via Organization Settings > Connectors > Desktop. These custom extensions are only visible to your team, not the public registry.

🔍  Treat desktop extension approvals the same way you would treat approving new software on a company computer. Each one deserves a quick review of what it can access before your team installs it.

One Caveat for IT Providers

🔧  NEEDS IT HELP: If your organization uses machine-level enterprise policy controls for the Claude Desktop app (via Windows Registry or macOS MDM configuration), those settings override the in-app allowlist. Specifically, if 'isDesktopExtensionEnabled' or 'isDesktopExtensionDirectoryEnabled' are set to false at the system level, the in-app allowlist cannot function. Your IT provider needs to ensure those flags are not blocking the allowlist before you configure it in the dashboard.

Step 5: Data and Privacy Settings — Read This Carefully

The Critical Difference Between Consumer and Work Accounts

This is the most misunderstood aspect of Claude for businesses, and getting it wrong has real compliance implications. Claude operates under two fundamentally different sets of data terms depending on account type:

  • Consumer accounts — Free, Pro, Max plans — governed by Consumer Terms. As of September 28, 2025, conversations are used to train Anthropic's AI models by default unless each individual user manually opts out. Data retention for training-enabled accounts is up to five years.
  • Work accounts — Claude for Work Team and Enterprise plans — governed by Commercial Terms. Under these terms, Anthropic acts as a data processor, not a data controller. Conversations are not used for model training by default.

⚠️  If employees are using personal Free, Pro, or Max accounts for company work, your confidential data may be training Anthropic's AI models. Audit your organization's Claude usage and ensure all business use is happening through your managed Work account.

Organization-Level Data and Privacy Controls (You Can Do This)

✅  YOU CAN DO THIS: All of the following settings live under Organization Settings > Data and Privacy and are simple toggles — no technical knowledge required.

As an Owner or Primary Owner, you have several important controls in Organization Settings > Data and Privacy:

  • Rate chats (feedback submission) — The thumbs up/down rating button allows employees to submit feedback on Claude responses directly to Anthropic. This feedback is used for research and model improvement. Disabling it — by turning off the 'Rate chats' setting — prevents any conversation content from being submitted as feedback from your organizational environment. Recommended for most businesses.
  • Conversation data retention — Depending on your plan and settings, you may have options to configure how long Claude retains conversation data within your organization. Shorter retention periods are better for sensitive environments. Review what is available under your plan.
  • Other data sharing controls — Review this section for any additional toggles that control what data Anthropic can access from your organization's usage. The options available may vary between Team and Enterprise plans.

What Individual Users Control (And What Admins Should Know)

Not all data privacy settings are in the admin dashboard — some are controlled by individual employees in their own account settings. This is important to understand, because a setting you have not addressed organizationally may still be configured incorrectly at the user level.

  • Model training toggle — On consumer plans (Free, Pro, Max), individual users control the 'Help improve Claude' toggle in Settings > Privacy. On Work plans, model training is off by default and not user-configurable — but employees who also have personal consumer accounts should be reminded to opt out of training on those accounts.
  • Conversation history — Individual users on Work plans can delete their own conversation history. Deleting a conversation removes it from future training consideration (on consumer accounts) and reduces the data footprint. Encourage employees to delete sensitive conversations they would not want accessible.
  • Connector data — Employees should understand that connector data — emails or files pulled in from Microsoft 365 or Google Drive — is not included in feedback reports sent to Anthropic, but it is processed within the conversation context. Remind employees to use connectors only for work-appropriate queries.

What Is Appropriate to Process Through Claude

✅  YOU CAN DO THIS: Creating and communicating a simple internal AI usage policy is something you can draft yourself — it does not require technical expertise, just a clear set of guidelines.

  • Generally appropriate — Internal drafts, research, public information, and general business documents.
  • Requires review — Client PII, patient data (HIPAA), payment card data (PCI), attorney-client privileged communications, and trade secrets — review your Data Processing Agreement with Anthropic before processing.
  • Regulated industries — Work with your IT provider and legal counsel to review contractual terms before using Claude with regulated data.

Step 6: Additional Security Controls Worth Configuring

Control Project Visibility

✅  YOU CAN DO THIS: This is a toggle in admin settings. Start with public projects disabled — you can relax this later.

Claude for Work lets employees create Projects — shared workspaces with uploaded documents and custom instructions. Start with public projects disabled. This prevents employees from creating organization-wide visible workspaces without admin review, which stops anyone from inadvertently uploading sensitive documents to a space visible to the entire company.

Disable Capabilities You Are Not Ready to Use

✅  YOU CAN DO THIS: Toggling Cowork and Claude in Chrome on or off is done in Admin Settings > Capabilities. You can do this yourself — but ask your IT provider what each one means for your security posture before deciding.

On Team plans, some powerful capabilities are enabled by default. Review each one consciously:

  • Claude Cowork — An agentic feature that can run code, browse the web, read and write local files, and execute scheduled tasks on an employee's computer. It deserves a dedicated security review before enabling. Toggle at Admin Settings > Capabilities > Cowork.
  • Claude in Chrome — Allows Claude to read and interact with content in employees' active browser tabs, including internal dashboards, emails, and web apps. Disable via Admin Settings > Claude in Chrome unless you have specifically planned for this use case. When enabled, configure an allowlist restricting which websites Claude can access — start restrictive and expand over time.

🔍  On Team plans, both Cowork and Claude in Chrome may be enabled by default. Check these settings now if you have not already done so.

Shadow AI: Employees Using Personal Accounts on Work Devices

One of the most overlooked risks: employees using personal Free or Pro Claude accounts on company devices to handle company work. Consumer accounts have weaker data terms, meaning any company information entered into a personal account falls outside your organizational controls.

🔧  NEEDS IT HELP: Enterprise plans support tenant restrictions that technically block personal Claude account usage on your corporate network. This requires configuring your network proxy to inject a specific HTTP header — a task for your IT provider.

✅  YOU CAN DO THIS: On Team plans (where tenant restrictions are not available), the practical fix is a clearly communicated, written AI usage policy: no company data in personal AI accounts, period. Draft a one-pager and include it in onboarding.

Your Claude for Work Security Setup Checklist

✅ = You can do this in the admin dashboard  |  🔧 = Get your IT provider involved

  1. ✅  Create your organization and assign the Primary Owner role to a named admin account
  2. ✅  Set role assignments — minimize Admin access to those who genuinely need it
  3. 🔧  Verify your company domain via DNS TXT record (IT does this)
  4. 🔧  Configure SSO with Microsoft Entra ID or Google Workspace (IT does this)
  5. 🔧  Enable 'Require SSO for Claude' once SSO is set up and tested (IT does this)
  6. ✅  Enable 'Restrict Organization Creation' — toggle appears after domain is verified
  7. ✅  Set new member approval to 'Approve one-by-one'
  8. ✅  Configure allowed email domains for joining
  9. ✅  Review the connector catalog — disable open access to unapproved connectors
  10. 🔧  Set up Microsoft 365 connector with Entra Global Admin consent (IT does this)
  11. 🔧  Restrict M365 connector access to approved users/groups in Entra (IT does this)
  12. ✅  Enable the desktop extension allowlist under Connectors > Desktop
  13. ✅  Review and approve only the specific desktop extensions your team needs
  14. ✅  Disable 'Rate Chats' (feedback) under Organization Settings > Data and Privacy
  15. ✅  Review all Data and Privacy toggles and configure to your organization's needs
  16. ✅  Remind employees to opt out of model training on any personal Claude accounts
  17. ✅  Disable Public Projects unless you have a governance plan
  18. ✅  Review and consciously toggle Claude Cowork and Claude in Chrome
  19. ✅  If enabling Claude in Chrome, configure a site allowlist — start restrictive
  20. ✅  Publish an internal AI usage policy — no company data in personal Claude accounts
  21. 🔧  (Enterprise only) Configure tenant restrictions to block personal account access on the corporate network
  22. 🔧  (Enterprise only) Consider IP allowlisting — contact Anthropic sales with your approved CIDR ranges

Frequently Asked Questions

Do I need an Enterprise plan or is Team enough?

For most small and mid-sized businesses, the Team plan provides sufficient controls — SSO, role-based access, connector management, the desktop extension allowlist, and data privacy settings. Enterprise adds SCIM automated provisioning, the Compliance API for audit trails, tenant restrictions to block personal account usage, IP allowlisting, and custom security addendums — all more relevant as your organization grows or compliance requirements increase.

Does Claude for Work train on our company data?

No. Under Anthropic's Commercial Terms of Service — which govern Team and Enterprise plans — your conversations are not used to train AI models. This is a fundamental difference from the consumer plans. Make sure all business use of Claude happens through your managed Work account, not through personal employee accounts.

Can I control which employees can use specific connectors or desktop extensions?

Yes. For web connectors like Microsoft 365, your IT provider can use Entra's app assignment features to restrict access to specific users or groups. For desktop extensions, enabling the allowlist in Organization Settings > Connectors > Desktop controls which extensions are available to everyone in your organization. Desktop extension controls are organization-wide for now, not per-user: either an extension is approved for the whole org or it is not.

What happens to an employee's Claude access when they leave?

With SSO configured and enforced, disabling or removing the employee from the Claude enterprise app in your IdP immediately revokes their Claude access — no separate step needed in Claude. Without SSO, you must manually remove them in Organization Settings.

Is there an audit log of what employees are doing in Claude?

On Enterprise plans, the Compliance API provides real-time access to usage data and conversation logs that can be integrated into your existing security tooling. On Team plans, you have member management and usage visibility in the admin dashboard. Microsoft 365 connector activity is separately logged in the M365 Compliance Center.

I am not technical at all — how much of this can I really do myself?

More than you might expect. Creating the organization, assigning roles, managing invites, controlling connectors, enabling the desktop extension allowlist, adjusting data privacy settings, toggling capabilities, and drafting your AI usage policy are all point-and-click tasks in the admin dashboard. The parts that genuinely need IT are DNS verification, SSO setup with Microsoft or Google, Entra app assignments, and enterprise network restrictions. For a managed IT provider, those are standard tasks — typically a few hours of work.

The Bottom Line

Claude for Work is a powerful AI tool that can meaningfully improve your team's productivity. But like any platform with access to your data and workflows, it rewards a thoughtful setup — and several important defaults are less secure than you would expect out of the box.

The good news: you can handle a significant portion of this yourself. The security controls that require IT expertise — SSO, DNS, Entra configuration, network controls — are well-defined tasks that any competent IT provider can complete quickly. Everything else is yours to configure directly in the dashboard.

Working with a managed service provider who understands both the Microsoft/Google identity stack and AI platform governance means you get a secure Claude deployment without needing to become an IT expert yourself.

📞  Ready to deploy Claude for Work securely in your organization? We help businesses set up, configure, and govern AI tools as part of a broader IT security strategy. Contact us for a free consultation — we will handle the technical setup and make sure your team is protected from day one.
