Download PDF (139 KB)
PDF version — print or share with your team.
Manufacturers want to know whether Claude Cowork can speed up supplier and document work without leaking a drawing, a price, or a process to a third party. According to Statistics Canada, 12.2% of Canadian businesses now use AI, double the rate a year earlier, so staff on the floor and in the office are already testing these tools. The duty to protect the firm’s intellectual property stays with the firm.
Mike Pearlstein, CISSP, MSc AI, founder of Fusion Computing, which has secured IT for Canadian manufacturers across Toronto, Hamilton, and Metro Vancouver since 2012.
Key takeaways
- A manufacturer can use Claude Cowork on a Team or Enterprise plan with access scoped to one project folder and a written policy.
- Keep proprietary designs and pricing in a scoped folder, never on the whole engineering or supplier drive.
- Cowork stores its work locally, so it sits outside your audit logs. ISO and customer audits need a traceable record you build yourself.
- A person reviews anything sent to a supplier or a customer.
Can manufacturers use Claude Cowork without exposing trade secrets?
Yes, a manufacturer can use Claude Cowork on a Team or Enterprise plan, with access scoped to one project folder and a written policy. The firm owns the duty to protect its intellectual property, and no vendor setting removes it. On the business plans, your content is not used to train Anthropic’s models by default, which is why proprietary work belongs there and never on a personal account.
The control that matters is scope: which files the agent opens, which plan governs the data, and who reviews the output before it reaches a supplier or a customer. Trade-secret protection depends on keeping the information controlled, so the setup around the tool is what keeps it safe.
It’s the same secure-adoption logic from the pillar guide on using Claude Cowork securely in your business, applied to a plant, and it sits alongside our broader IT for manufacturers work.
What Claude Cowork actually does on the back office and shop floor
Claude Cowork completes multi-step document work rather than answering a single question. For a manufacturer, the practical jobs are processing supplier quotes and purchase orders, drafting RFQs and quotes, cleaning up bills of materials and inventory lists, organizing ISO and customer-audit documents, and drafting vendor communications. Each output is a draft for a person to verify before it leaves the building.
Here’s how those jobs map to the work, with the guardrail that protects the firm’s IP. Fusion Computing walks plants through this before any pilot, the same way we scope any AI services engagement.
Book a 30-minute call to scope Claude Cowork for your plant safely →
| Task | What Cowork does | The guardrail |
|---|---|---|
| Supplier and PO processing | Reads quotes and POs, extracts terms, flags mismatches | Scope to one project; a buyer verifies |
| RFQ and quote drafting | Drafts an RFQ or quote from your templates and specs | Pricing and designs stay in a scoped folder |
| BOM and inventory cleanup | Deduplicates and reconciles part lists | A draft for review, not the system of record |
| Certification and compliance docs | Organizes ISO and customer-audit documents | Internal documents, no proprietary designs |
| Vendor communication drafts | Drafts emails and follow-ups to suppliers | A person reviews before anything is sent |
The IP and supplier-data guardrails
The core guardrail is least privilege: scope Cowork to one project folder, not the whole engineering or supplier drive. Classify what is allowed in (working documents for the active job) and what stays out (proprietary designs, process know-how, and pricing beyond the scoped folder). Keep a person reviewing anything supplier-facing. Cowork runs in an isolated virtual machine, but prompts still reach Anthropic, so scope is the control that limits exposure.
The mistake we flag most often is scope. When a plant points the agent at the whole engineering share, a single task can read every drawing and price. Scope it to the active project and most of the risk disappears.
Field note. In the plant pilots I’ve run, the first thing I change is access. I’ve watched an operations lead point an agent at a drive holding every customer drawing under NDA. We scoped it to one job folder, and the workflow that felt reckless became routine. The work’s identical; the exposure isn’t.
The policy is the other half. A short rule set, the kind we cover in our guide on what belongs in an AI acceptable use policy, names the approved tool, the data that may go in, and who may run it. Fusion Computing pairs that with a cybersecurity review so the firm protects its IP and its customer NDAs.
The oversight gap for quality records and customer audits
Claude Cowork stores its conversation history locally on each user’s computer, and that activity is not captured by audit logs, the Compliance API, or data exports. For a manufacturer this matters at audit time: ISO and customer quality programs assume the firm can trace how a document was produced. Team and Enterprise owners can stream Cowork events to a SIEM through OpenTelemetry, which Anthropic notes does not replace audit logging for compliance.
According to Anthropic’s guidance on using Cowork on Team and Enterprise plans, the local history “is not subject to Anthropic’s standard data retention policies and cannot be centrally managed or exported by admins.” A firm that wants AI-assisted work traceable for an ISO 9001 review builds that record itself.
The Enterprise audit logs that do exist capture metadata, not the work. Fusion Computing wires the OpenTelemetry stream into the same monitoring we run for managed detection and response, so a plant sees tool calls and file access even though the transcript stays on the device. If a document supports a quality record, the firm keeps that trace on purpose.
Plan tier and a setup checklist for a manufacturer
The plan tier is the first decision: only Team and Enterprise carry the “not trained on by default” commitment plus the admin controls a firm needs. From there, a safe rollout is short: scope to one project folder, keep “ask before acting” on, write a usage policy, turn on OpenTelemetry monitoring, keep a person signing off on supplier-facing output, and review the vendor terms against your customer NDAs and IP clauses.
Cowork runs on Pro, Max, Team, and Enterprise plans per Anthropic’s release notes, and on the business tiers your content is not used to train models by default, as Anthropic’s privacy commitments set out. Here’s the checklist Fusion Computing runs with a plant.
Why Canadian firms bring this work to Fusion Computing
CISSP-led, a Microsoft Solutions Partner and a CompTIA Managed Services Trustmark holder, securing IT for Canadian SMBs across Toronto, Hamilton, and Metro Vancouver since 2012.
Get a CISSP-led review of where AI tools touch your designs and pricing →
- Choose Team or Enterprise. Proprietary work on a personal account is the first risk to fix.
- Scope to one project folder. Never the whole engineering or supplier drive. Widen only with a reason.
- Default to “ask before acting.” Cowork always asks before deleting files; keep approvals on.
- Write an acceptable use policy. Name the approved tool, the data that may go in, and who may run it.
- Turn on OpenTelemetry monitoring. It’s the only visibility you have into what the agent did.
- Keep a person signing off. Nothing supplier-facing or customer-facing ships without review.
- Map the terms to your contracts. Check Anthropic’s data handling against your customer NDAs before go-live.
None of it’s exotic, and most of it takes an afternoon. Fusion Computing sets it up as part of the managed IT work we already do for plants, and the same pattern carries to law firms, accounting firms, and wealth management firms under their own rules. If you want a second set of eyes before your plant pilots Cowork, talk to us or read more about how we work.
Claude Cowork is worth adopting for the supplier and document load that fills a plant’s week. The firms that set the plan, the scope, and the policy first are the ones that’ll use it calmly while their competitors are still arguing about whether it’s allowed.
Fusion Computing helps Canadian businesses across Toronto and the GTA, Hamilton, and Metro Vancouver with managed IT, cybersecurity, and Microsoft 365.
Frequently Asked Questions
Is Claude Cowork safe for proprietary designs?
Keep proprietary designs out of Cowork unless they sit in a scoped folder you have chosen to share. The work runs locally, though the prompts reach Anthropic, so the safe default is to expose only the documents a task needs. On a Team or Enterprise plan your content is not used to train models by default, which is why proprietary work belongs on a business plan.
Can Claude Cowork read our ERP or supplier data?
Cowork can read files and use approved connectors, so it can work with exported supplier documents or a scoped folder rather than your whole ERP. Point it at one project, never the entire engineering or supplier drive. A buyer should verify anything Cowork extracts before it informs a purchase order or a quote.
What plan does a manufacturer need for Claude Cowork?
A manufacturer should use the Team or Enterprise plan, never a personal Pro or Max account. Only the business tiers carry Anthropic’s commitment not to train on your content by default, plus the owner and admin controls a firm needs. Proprietary work on a personal account is the first risk to remediate.
Is our data used to train the model?
On Team and Enterprise plans, your content is not used to train Anthropic’s models by default, so documents processed under a business plan stay out of training. Personal Pro and Max plans follow individual privacy settings, which differ from the business default. For a firm protecting IP, that difference is the reason to standardise on a business plan.
Want an AI use policy that protects your IP and customer NDAs? →
How is Claude Cowork different from manufacturing AI tools?
Manufacturing AI is usually built into an MES, ERP, or quality platform and scoped to those systems. Claude Cowork is a general desktop agent that works across your own files and apps, which suits document and supplier work more than line-level control. The practical differences are where the data lives and how broadly the agent can reach.
Does Claude Cowork help with ISO documentation?
Yes. Cowork can draft, update, and organize ISO 9001 procedures, work instructions, and audit documents from your own materials. Treat the output as a draft for a quality lead to review, and keep the record of how it was produced, because Cowork’s own session history is local and is not captured in central audit logs.
Does Claude Cowork work on Windows or only Mac?
Claude Cowork works on both macOS and Windows through the Claude desktop app, and it reached general availability on both on April 9, 2026. It is not available on the web or on mobile. Some capabilities, such as computer use, arrived first as research previews, so confirm the current feature list for your platform inside the app.
Who at the plant should run Claude Cowork?
Start with a small group in operations or the office who understand the IP and customer NDAs, never the whole plant. Cowork is an organization-wide setting that owners can switch on or off, and granular per-user controls are limited, so a deliberate pilot with named users beats a broad rollout. Pair it with training and a written policy first.
