On this page
Set up AI for your company without leaking customer data
The one-hour setup that makes the safe way to use AI also the easy way, so your team gets the tool they want and your customer data stays out of the training set.
What you'll have when you're done
A company AI setup where the default path is the safe path: a business-tier account where training is off, your team provisioned through company login, personal-account usage retired, and shared workspaces preloaded with safe context. People get a great AI tool, and you stop worrying about what is being pasted where. It takes about an hour, and it converts your biggest AI risk into your strongest AI position.
Banning AI does not stop AI. It just hides it
The instinct when you realize your team is pasting company data into chatbots is to clamp down. It backfires every time. Telling people "no AI" does not stop them, it drives the usage onto personal accounts where you cannot see or govern it. My own first reaction was the wrong one: I sent a stern "please don't put company data into ChatGPT" note and felt like I had handled it. What I had actually done was guarantee that the usage continued exactly as before, minus any chance of me knowing about it. The note did not remove the behavior. It removed my visibility into the behavior, which is strictly worse. The data is stark: a majority of employees use AI tools their employer has not sanctioned, and the overwhelming majority of risky pastes come from personal, unmanaged accounts. That pattern, shadow AI, is the actual risk, not AI itself.
The fix is not control, it is substitution. Buy the right tier so the sanctioned tool is at least as good as the free one, and the incentive to sneak around disappears. When the safe option is also the best option available, people use it. This is a one-hour purchase-and-configure job, not a policing project.
What you need first
- A business AI plan to buy: Claude Team or Enterprise, ChatGPT Team or Enterprise. (Verify with sales, plan names and minimums shift.)
- Your company login system (Google Workspace, Okta) for provisioning.
- Admin access to configure the training/retention settings.
- The green-yellow-red rule from what's safe to put into AI, so the setup has a usage rule behind it.
Step-by-step
Step 1Buy a business tier (this is the whole security model)
Purchase a business plan. This single step is most of your data protection, because on business tiers training-off is the default and you get a data processing agreement that makes the privacy terms contractual. Have counsel confirm the DPA says they do not train on your data and defines retention. Everything else is configuration on top of this foundation.
Step 2Verify the training and retention settings
Do not assume the defaults. In the admin console, confirm training on your data is off and set retention deliberately (note that some enterprise plans have a minimum retention window). If your business handles especially sensitive data, ask the vendor about zero data retention, though that is typically an API-level option, not a chat-app toggle.
Concretely, the things to find and verify in the admin console (names vary by vendor, but the controls map closely):
- Training / model-improvement toggle: confirm it is off for your workspace. On business tiers this is usually the default, but "usually" is not "verified."
- Data retention window: set it to your policy. Shorter is generally safer; just know some enterprise plans enforce a floor.
- Member management: confirm new members join this workspace by default, not their own personal space.
- Connectors / data access: review which integrations members can enable, so customer data does not flow somewhere ungoverned through a side door.
Screenshot the settings once you have them right. When someone later asks "where does our data go," that screenshot plus the DPA is your answer.
Step 3Provision through company login, then retire personal accounts
Roll the tool out via your company SSO so everyone is on the governed account, then actively retire work usage on personal accounts. This is the step people skip and it is the one that matters most: buying a business plan while your team keeps using personal free accounts on the side gives you no protection, because that is where the leaks happen. The governed account has to become the only account they use for work.
Here is the before-and-after this step produces, illustrative. Before: a 30-person company "has no AI policy," which in practice means 22 of those 30 are quietly using personal ChatGPT and Claude accounts, pasting in customer emails, contracts, and half the financial model, on tiers that train on the input, and the CEO cannot see any of it. After: the same 30 people log into one company workspace through Google Workspace, training is off, retention is set, and the personal-account habit is retired because the company account is simply better (it has the shared Projects, it is paid for, it is the default). The leak surface did not shrink because people became more careful. It shrank because the careless path stopped existing.
Step 4Preload shared Projects with safe context
Set up shared Claude Projects for each team, preloaded with the safe context they need (the brand guide, the process docs). This does double duty: it makes the sanctioned tool genuinely better than a blank personal chat (so people prefer it), and it keeps the sensitive stuff inside the governed environment. Concretely: a Sales Project holding your pitch, objection handling, and pricing; a Support Project with the help docs and tone guide; a Finance Project with the chart of accounts and reporting templates. A blank personal ChatGPT cannot compete with a workspace that already knows your business, which is the whole trick: you are not asking people to choose the safe tool over the good one, you are making the safe tool the good one.
Step 5Keep red data on the business tier, always
With the setup done, the rule is simple: red data (customer info, employee data, secrets) lives only on the business tier. Because that tier is now the default tool everyone uses, following the rule is the path of least resistance, which is exactly the point.
How you'll know it's working
Shadow AI drops, because there is no longer a reason to sneak around, the sanctioned tool is better and easier. You can answer "where does our company data go in AI?" with a real answer instead of a shrug. And your team's AI usage goes up, not down, because you removed the fear instead of the tool.
When it breaks
- People keep using personal accounts. The business tool is not better enough, or the retirement was not enforced. Make the sanctioned account genuinely superior (Step 4) and actually retire personal work-use.
- You assumed the defaults were safe. Verify the training-off and retention settings explicitly (Step 2). Defaults vary.
- You over-promised "zero retention" to the team. That is usually API-only, not the chat app. Describe the real terms accurately.
- Sensitive data still leaks. Usually a gap between the rule and a sanctioned home for red data. Confirm the business tier is the default everywhere and the usage policy is clear.
- People use a different consumer tool you didn't sanction. You bought Claude Team; half the team prefers ChatGPT and uses personal accounts for it. The fix is to sanction the tools people actually want (often more than one) on business tiers, rather than mandating one and pushing the rest into the shadows.
- A new SaaS tool quietly added an AI feature. Your governed chat app is locked down, but the AI note-taker or CRM assistant someone enabled is sending data somewhere you never vetted. Periodically audit which tools have switched on AI features and confirm their data terms, this is the leak that grows after you think you are done.
Make it yours. Scale the rigor to your risk. A regulated business (health, finance, legal) should get counsel on the DPA, insist on the shortest retention available, and consider zero data retention at the API layer for the most sensitive flows. A low-regulation business can move faster: buy the business tier, verify training-off, provision through SSO, done in an afternoon. Both follow the same shape; only the depth of the legal and retention review changes.
Where this fits in your harness
This is the supply side of AI governance: the safe tool, configured once. It pairs with the demand-side rule, what's safe to put into AI, and both get codified in a one-page AI usage policy your team will follow. Getting this right is also what makes every other workflow on this site safe to run, the finance, hiring, and inbox workflows all assume your sensitive data is on a tier that does not train on it.
Get three workflows like this every Thursday
The Thursday 3 is a free weekly email. Three workflows that put you in the top 1% of CEOs. 90-second read. Every card links back to a step-by-step guide like this one.
Get the newsletter →The architecture behind this workflow.
Two operator manuals for the same job, run two ways: OpenCLAW for the always-on harness, Claude Code for the focused-work CLI. Pick one, or get the bundle for $149.
Browse the books · $99 eachWant one workflow like this taken apart end-to-end every week? The Tuesday Pro Deep Dive · $39/mo.