- 13
- May
After a customer picks Claude Team Premium or Standard, the next question is — "How do admins configure policy by our org's data governance? What do they see about each member? Can they read chats? How do Skill and MCP differ from Personal?" This is a follow-up to Claude Max vs Team Premium for 10 People, going deep on the Admin Console and the governance boundaries most people don't fully understand.
TL;DR — what admins can and cannot do
- Admins see: member list, seat type, aggregate usage analytics, audit log of admin actions, billing
- Admins control: add/inactivate users, switch Standard ↔ Premium, set per-user spend caps, allow/block connectors, deploy workspace Skills, MCP allowlist, restrict tools for Claude Code
- Regular admins can't read chat content via UI: there's no "read this member's chat" button in the Admin Console — only metadata (message count, model, usage)
- But the Primary Owner can request a workspace data export that includes conversations, uploaded files, and usage patterns (per Anthropic Help Center) — workspace accounts are not as private as Personal accounts
- Data is not trained on: Team plan content is not used to train Anthropic models (default policy for Team/Enterprise)
- How Personal differs: no admin, no audit, no shared Skills, any MCP server can be added by the user — Team admins control all of this
1. Admin Console — main structure
When you start a Team plan (Standard/Premium) you get a Workspace. The owner enters Settings to see these main tabs:
- Members — list of employees in the plan, seat type (Standard/Premium), role (Owner/Admin/Member)
- Billing — invoices, renewal, seat count used/available
- Usage Analytics — message volume, Claude Code usage, model distribution (aggregate and per-user)
- Connectors — enable/disable Google Drive, Slack, GitHub, Microsoft 365 at the workspace level
- Skills — Skills the admin deploys for the workspace to use together
- Tool Permissioning (Premium) — what tools Claude Code is allowed to call, what's banned
- MCP Configuration (Premium) — list of MCP servers the workspace allows
- Audit Log — records of admin actions (e.g., user added, seat changed, connector approved)
- Data Settings — workspace-level privacy/retention controls
Note: Menu names and positions in the Anthropic Console may change with UI rollouts — this article summarizes the feature groupings Anthropic has announced, but the actual paths should be confirmed in the Anthropic Help Center.
2. User & Seat Management — add/inactivate/switch seats
The heart of governance is controlling who can access the workspace. The first place admins use most is Settings → Members.
- Add a user: Invite by email — invitees must accept within 7 days (per Anthropic T&C)
- Assign roles:
- Owner — full access, including billing and workspace deletion
- Admin — manage members, settings, view analytics — cannot delete the workspace
- Member — regular user, no admin settings
- Change seat type: Standard ↔ Premium can be switched anytime (cost is prorated per Anthropic T&C)
- Inactivate a user: "Remove from workspace" — the user loses access; workspace chat history stays in the org (it doesn't follow the user)
- Transfer ownership: if the original owner leaves, ownership can be transferred to someone else
3. Data Settings & Workspace-Level Policy
The section that maps directly to Data Governance:
3.1 No Training on Team Data
Anthropic states clearly in its documentation that Team/Enterprise content is not used to train models — this is the default with no opt-in needed, unlike Free/Pro/personal Max where users toggle this themselves (Anthropic adjusted the Personal default in 2025).
- Member chat messages are not fed into training
- Files uploaded to Projects/Artifacts are not used to train
- Claude Code transcripts are not used to train
- Messages flagged for trust & safety review may be accessed by Anthropic under its abuse policy — separate from training data
3.2 Data Retention
- Default: member chats are kept in the workspace as long as the user wants them
- Members can delete their own chats — Anthropic removes them from the backend within its retention window (typically 30 days)
- Admins cannot directly fetch a member's files or chats — that requires a support request or data export API (where available)
3.3 Compliance Posture
- SOC 2 Type II — applies to Team/Enterprise
- BAA (HIPAA) — Enterprise can sign a Business Associate Agreement
- DPA (Data Processing Agreement) — Anthropic provides DPA templates for EU/UK and PDPA-equivalent regions
- GDPR/PDPA: Team plan creates a contractual data-processor relationship between the company and Anthropic — different from Personal, where the user is their own data subject
4. Privacy Boundary — Can Admins Read Member Chats?
This is the most important question of the article — and the short answer is by default, no.
Two levels of admin/Owner data access
- Admin in the Console UI: cannot see chat content — neither admin nor owner has a "read this member's chat" button in the dashboard. They get metadata only (message count, model used, Claude Code usage).
- Primary Owner via Data Export: can see content — Anthropic allows the Primary Owner to request a workspace data export that includes "conversations, uploaded files, and usage patterns" of members (per Anthropic Help Center).
Practical meaning: A regular admin cannot read chats in real time, but the Primary Owner can export the whole workspace. Employees should know that workspace chats are not "private like a Personal account" — your company policy should set the conditions for using export.
What admins see vs. don't see
| Item | Admin sees? | Notes |
|---|---|---|
| Member list, role, seat type | ✓ | Full — used for provisioning decisions |
| Member message/prompt count | ✓ aggregate | Numbers, not content |
| Claude Code usage (time, tokens, command count) | ✓ | Drives the spend cap |
| Connectors a member has enabled | ✓ | Because the admin controls the allowlist |
| Member chat content via UI | ✗ | Admin Console has no "read another's chat" button |
| Member chat via Data Export | ⚠ Primary Owner can | Export includes chats, uploaded files, usage patterns |
| Content in a member's private Project | ✗ | Member must share to the workspace first |
| Files uploaded in member chats | ✗ | Admin only sees the event, not the file |
| Audit log of other admins' actions | ✓ | Owner/Admin can view |
What Primary Owner Data Export Actually Covers
Anthropic states in its Help Center that the Primary Owner of Claude for Work (Team/Enterprise) can request a data export of the workspace, which includes "conversations with Claude, uploaded files, and usage patterns" of members.
- Available to Primary Owner only (not every Admin)
- Comes as a file — not a "read user's chat in real time" capability
- Team plan audit logs do not export chat titles or content (only unique identifiers) — but direct data export does include content
- Enterprise plan adds a Compliance API + eDiscovery for legal hold, which Team plan does not match — suitable for regulated organizations
From an HR/employee angle — communicate clearly that a workspace account is not a private mailbox; it's a company asset the org can access under policy.
Anthropic designs Claude Team so admins see metadata about employees, not content — a clear separation from MDM/EDR systems that can read employees' screens. For IT managers it means — you control access, but you can't control the content of users' conversations with AI directly. That has to come from policy and user training.
- Anthropic's privacy-preserving governance design
5. Sharing — Projects, Prompts, Skills in a Workspace
One of Team's advantages over Personal: share tools across the workspace.
5.1 Shared Projects
- Members create a Project and choose visibility: Personal, Workspace, or Specific members
- Workspace Projects = everyone has access — good for "HR knowledge base," "Onboarding guide," "Customer FAQ"
- Owners/Admins can archive workspace-level Projects
5.2 Shared Skills
- Skills = capabilities a user can create (e.g., "Write a proposal in our company format," "Analyze P&L for Saeree")
- Personal: Skills are tied to the user's account
- Team: Admins deploy Skills at the workspace level — every member uses the same Skill, like a "company-wide preset"
- Example: HR creates a Skill "Screen resumes against our criteria" → admin deploys → every recruiter uses it the same way
5.3 Shared Prompt Templates
- Team plan supports a workspace-level prompt library
- Reduces prompt drift — the team doesn't need to recreate prompts every time
- Good for repeated patterns: "Draft an email in our company tone," "Summarize meetings in our template"
6. MCP & Connector Governance — What Can You Restrict?
MCP (Model Context Protocol) and connectors are where Personal and Team differ most — because they're the "gateway" for AI into your org's systems.
6.1 Connectors (Google Drive, Slack, GitHub, M365)
| Connector control | Personal (Pro/Max) | Team (Std/Premium) |
|---|---|---|
| Who enables/disables connectors | The user | Admin controls the allowlist |
| See the scope the connector requests | User confirms | Admin pre-approves |
| Block specific connectors | ✗ | ✓ |
| Audit who connected what, when | ✗ | ✓ |
6.2 MCP Server Allowlist (Premium)
MCP is an open standard for Claude to connect to any system via a server — the trade-off is MCP servers come from many vendors and not all are trustworthy.
- Personal: the user can add any MCP server — including ones the org's admin hasn't vetted
- Team Premium: admins set an allowlist of MCP servers — members can only add ones on the list
- Example: a company allows MCPs only for internal Postgres, GitHub Enterprise, and Linear — blocks third-party connectors that haven't passed security review
6.3 Tool Permissioning for Claude Code (Premium)
Claude Code is an agent that runs commands in a terminal — admins control what it cannot do:
- Block
rm -rf,sudo, system-file deletion - Block edits outside the project directory
- Restrict access to specific environment variables
- Block command groups (network egress, package installation)
7. Spend Cap & Cost Controls (Premium)
Claude Code is the feature that can "burn dollars" fastest if uncontrolled — Premium has guardrails:
- Org-level cap: workspace exceeds $X/month → automatic block
- Per-user cap: each member has a budget — once exceeded, Claude Code stops new agent runs for that user
- Alert thresholds: notifications at 50% / 75% / 90% of budget
- Analytics breakdown: who's burning the most tokens, which projects are heaviest
8. Personal vs Team — What Personal Cannot Do
| Capability | Personal (Pro/Max) | Team (Standard/Premium) |
|---|---|---|
| Admin Console | ✗ | ✓ |
| User provisioning/roles | ✗ | ✓ Owner/Admin/Member |
| Audit log | ✗ | ✓ |
| Shared Projects | ✗ | ✓ Workspace-wide |
| Shared Skills (admin-deployed) | ✗ user-only | ✓ Workspace Skill |
| Connector allowlist | ✗ user enables | ✓ admin-controlled |
| MCP server allowlist | ✗ user adds any | ✓ (Premium) |
| Claude Code tool permissioning | ✗ user-managed | ✓ (Premium) |
| Per-user spend cap | ✗ | ✓ (Premium) |
| No training on data (default) | Opt-in | ✓ default |
| Central billing (one invoice) | ✗ per-user invoices | ✓ |
| Offboarding (employee leaves) | Admin can't | Remove seat immediately |
9. Skill vs MCP — Are They Different on Personal vs Team?
Users ask this often — Skill and MCP are two things Claude users frequently confuse. Here's the breakdown:
9.1 Skill vs MCP — Side-by-Side
| Aspect | Skill | MCP (Connector) |
|---|---|---|
| What it is | A capability/preset for how to work — e.g., "Write in our company style" | A channel for Claude to access external data/services — e.g., Google Drive, GitHub, internal APIs |
| What it emphasizes | Thinking patterns / work formats | Data access and triggering external actions |
| Examples | "Analyze P&L," "Screen resumes," "Write press releases" | "Fetch a doc from Drive," "Read Gmail," "Open a GitHub issue" |
| Can Personal use it? | ✓ Users can create their own | ✓ Users can connect any MCP server |
| Team — what admins control | Deploy Skills workspace-wide — everyone uses the same version; admin updates once | Set the allowlist — enable/disable connectors and MCP servers as policy |
| Governance risk | Low — Skills don't reach outside | High — MCPs both read and send data outward |
9.2 Real-world examples
- HR Skill: "Screen resumes against our 5 criteria" — admin deploys → every recruiter uses the same version; no drift
- Finance Skill: "Analyze budget variance" — fixed structure, reduces time-to-analysis
- Sales MCP: connect to internal CRM → Claude answers customer questions
- Dev MCP: connect to internal Postgres + GitHub Enterprise → Claude Code can read schemas and repos
10. Initial Setup Workflow — Your First 30 Minutes With a Team Plan
- Set the workspace name + upload a logo — Settings → Workspace → Brand
- Add a backup Owner — so you're not locked out if the primary owner leaves
- Invite members by team — Settings → Members → Invite
- Assign seat types by role — devs = Premium; marketing/sales/admin = Standard
- Enable Audit Log + Data Settings — confirm the default "No training on data" is on (default)
- Set the connector allowlist — enable only Google Drive and GitHub for the company; disable external connectors you don't use
- Set the MCP allowlist (Premium) — add internal MCP servers that have passed security review
- Set the Claude Code spend cap (Premium) — start at $20-50/user/month; adjust upward based on usage
- Deploy 1-2 starter Skills — e.g., "Write email in our company tone"
- Communicate with the team — send an internal policy doc on what may and may not be put into Claude
The Answers — Direct Replies to What You Asked at the Top
- How do admins configure policy by our org's data governance? → Settings → Data Settings (retention/training), Members (access), Connectors + MCP + Tool Permissioning (scope of work)
- What do admins see? → Member list, role, seat, aggregate usage analytics, Claude Code metrics, audit log of admin actions, billing
- Can admins read member chat logs? → Not in the Admin Console (no UI to open another's chat) — but the Primary Owner can request a workspace data export that includes conversations, uploaded files, and usage patterns, per Anthropic's Help Center
- What can be shared? → Projects (workspace-wide), Skills (admin-deployed), Prompt templates, MCP/Connectors on the allowlist
- What can be restricted? → External connectors, MCP servers not in the allowlist, dangerous tools for Claude Code, members exceeding their spend cap
- What can Personal not do? → Admin Console, audit log, shared Skills/Projects, connector allowlist, MCP allowlist, tool permissioning, spend cap, central billing — Personal has none of these
- Skill vs MCP — different on Personal vs Team? → Skills on Personal stay with the user; Team admins deploy them workspace-wide. MCP on Personal lets users add any server; Team Premium admins set the allowlist.
References
- Claude Help Center — What is the Team plan?
- Anthropic — Claude Code and new admin controls for business plans
- Anthropic Trust Center — SOC 2, BAA, DPA, training data policies
- Anthropic Privacy Policy
- Model Context Protocol — Open Standard
- Personal Data Protection Committee (PDPC), Thailand
Interested in Claude Team for your organization? Request a quote from Grand Linux Solution
Grand Linux Solution has been a Claude Team Premium customer since launch — tell us the number of seats you need (Standard/Premium) and the number of users, and our team will send you a quote with setup recommendations tailored to your organization's data governance.
Request a quoteTel 02-347-7730 | sale@grandlinux.com
