Claude Track
Module 22
Claude Enterprise -- Module 22
Problems at Scale: Three issues surface after launching to two additional brands: ShopMate occasionally invents product features that do not exist (hallucination); the monthly API bill doubled when PetThreads launched; one brand's system prompt is leaking into another brand's responses. This module fixes all three.

Enterprise Challenges & Mitigations

Every enterprise Claude deployment surfaces a predictable set of technical, organisational, and regulatory challenges. Knowing them in advance -- and having ready mitigations -- is what separates successful programmes from stalled pilots.

Technical Challenges

Challenge: Users inadvertently paste personal data, credentials, or confidential documents into Claude prompts, risking GDPR/CCPA violations.

  • Mitigation 1: Deploy a PII detection layer (e.g. Microsoft Presidio, AWS Comprehend) that scans prompts before they reach Claude and redacts or blocks sensitive fields.
  • Mitigation 2: Use AWS Bedrock or GCP Vertex AI so data never leaves your cloud boundary.
  • Mitigation 3: Publish a clear data handling FAQ visible in every Claude-powered UI. Users who understand the policy make better decisions.

Challenge: Claude may generate plausible but incorrect facts in legal summaries, financial analyses, or medical notes -- creating liability if acted upon without review.

  • Mitigation 1: Implement RAG -- ground Claude in your verified internal knowledge bases rather than training data alone.
  • Mitigation 2: Require Claude to cite the source document for every factual claim. Uncited claims are flagged for human review.
  • Mitigation 3: Mandatory human review gates for any output sent externally -- emails, reports, contracts. Never fully automate high-stakes decisions.
  • Mitigation 4: Run automated evals on a golden dataset monthly to track hallucination rates and catch regressions after model updates.

Challenge: Token costs scale with usage. Without controls, a viral internal tool can generate unexpected API bills within days of launch.

  • Mitigation 1: Implement per-user, per-team, and per-application monthly token budgets with hard rate limits enforced at the API gateway layer.
  • Mitigation 2: Use prompt caching aggressively -- cached tokens cost ~10% of fresh input tokens. Cache all stable system prompts and large reference documents.
  • Mitigation 3: Route by complexity -- Haiku for classification and routing, Sonnet for most tasks, Opus only where quality materially differs. A 10x cost difference makes routing highly valuable.
  • Mitigation 4: Tag every API call with department, use-case, and user metadata. Show teams their own cost dashboards -- visibility drives responsible usage.

Challenge: Enterprise data lives in SAP, Salesforce, SharePoint, Oracle, and dozens of proprietary systems -- none of which have native Claude connectors.

  • Mitigation 1: Build MCP servers for your most-used internal systems. A single MCP server exposing your CRM data makes it available to every future Claude integration instantly.
  • Mitigation 2: Use integration middleware (Mulesoft, Boomi, or a FastAPI gateway) to expose legacy data as REST endpoints that MCP servers consume.
  • Mitigation 3: Prioritise use cases where data can be pushed into context as documents rather than requiring real-time system calls. Batch export plus RAG is often simpler and more reliable.

Challenge: Anthropic releases new model versions that may subtly change output style or accuracy -- breaking prompts tuned for previous models.

  • Mitigation 1: Pin to specific model version strings in production (e.g. claude-sonnet-4-6 not a floating alias). Upgrade deliberately, not automatically.
  • Mitigation 2: Maintain a regression test suite of 50-200 golden prompt/response pairs per application. Run this suite before any model version change reaches production.
  • Mitigation 3: Blue/green deployment -- route 5% of traffic to the new model version, compare outputs, then promote after passing quality gates.

Organisational Challenges

Challenge: Employees fear job displacement, distrust AI outputs, or simply do not change existing workflows despite tool availability.

  • Mitigation 1: Frame Claude as a capability amplifier, not a replacement. Claude handles repetitive work so employees focus on judgment, relationships, and creative problem-solving.
  • Mitigation 2: Identify and empower internal AI Champions in each department -- early adopters who demonstrate value and train peers organically.
  • Mitigation 3: Measure and share wins publicly: "The legal team saved 340 hours in Q1 using Claude for contract review." Concrete numbers convert sceptics.
  • Mitigation 4: Workshop formats where employees solve real problems with Claude are 10x more effective than passive training videos.

Challenge: Different teams build Claude integrations with wildly varying prompt quality, leading to inconsistent output quality and duplicated effort.

  • Mitigation 1: Publish an internal Prompt Library -- a version-controlled repository of approved, tested system prompts and few-shot templates. Every team starts from a vetted baseline.
  • Mitigation 2: Establish a prompt review process (similar to code review) for all customer-facing Claude integrations.
  • Mitigation 3: Run quarterly prompt optimisation sprints. Review production prompts against quality metrics and update them as the model and use cases evolve.

Enterprise Risk Register

RiskLikelihoodImpactControlOwner
PII sent to ClaudeHighHighPII detection + user trainingSecurity
Hallucinated advice acted uponMediumHighHuman review gate + RAG groundingLegal
API cost overrunMediumMediumPer-team budgets + model routingEngineering
Model regression after upgradeMediumMediumPinned versions + regression suiteEngineering
Shadow AI usageHighMediumBetter approved tooling + monitoringIT / Security
Regulatory non-complianceLowHighAI risk assessment + compliance registerLegal / CoE

ShopMate -- RAG for Accurate Replies

Python -- shopmate/rag/product_rag.py
# shopmate/rag/product_rag.py -- ground chat answers in real product data
# pip install chromadb sentence-transformers
import anthropic
import chromadb
from sentence_transformers import SentenceTransformer

client   = anthropic.Anthropic()
encoder  = SentenceTransformer("all-MiniLM-L6-v2")
chroma   = chromadb.PersistentClient(path="data/shopmate_kb")
products = chroma.get_or_create_collection("products")

def index_product_catalogue(catalogue: list[dict]):
    """Index all ThreadCo products so ShopMate can look them up accurately."""
    texts = [
        f"{p['name']}: {p['material']}, {', '.join(p['colours'])}, {p['price']}. {p.get('description','')}"
        for p in catalogue
    ]
    embeddings = encoder.encode(texts).tolist()
    products.add(documents=texts, embeddings=embeddings,
                ids=[p["id"] for p in catalogue])
    print(f"Indexed {len(catalogue)} products")

def grounded_chat_reply(customer_message: str) -> str:
    """Answer using ONLY real ThreadCo product data -- no hallucinations."""
    embedding = encoder.encode([customer_message]).tolist()
    results = products.query(query_embeddings=embedding, n_results=3)
    context = "
".join(results["documents"][0])
    resp = client.messages.create(
        model="claude-haiku-4-5-20251001", max_tokens=200,
        system="""You are ShopMate for ThreadCo. Answer using ONLY the product data provided.
If the answer is not in the data, say "I don't have that information -- email hello@threadco.com"
Never invent product details, prices, or availability.""",
        messages=[{"role":"user","content":
            f"Product catalogue:
{context}

Customer: {customer_message}"}]
    )
    return resp.content[0].text
<-- Governance Next: Rollout Plan -->