How to Connect Your Firm's Internal Files to AI (Without a Security Incident)
A practical guide to connecting Google Drive, Notion, and practice management tools — and what to think through before connecting anything.
There is a version of this that firms get wrong. They connect AI to their Google Drive, hand out access broadly, and only later realize they have given AI - and by extension, everyone using it - the ability to read documents they would not normally share across the whole team. Privileged communications. Draft documents from sensitive negotiations. Personnel files.
The technical setup takes an afternoon. The policy thinking should happen first.
The policy questions before the technical ones
Before touching a connector, two questions are worth working through deliberately:
What should AI be able to see? This is not the same as what anyone at the firm can see. AI connections can be scoped narrowly - to a specific folder, a specific workspace, a specific data type. A connection to your firm's client deliverables archive is very different from a connection to your full Drive. Decide the scope before you configure.
Who should be able to use which connections? A partner-level connection to sensitive deal files is not appropriate for everyone. Consider whether connections should be firm-wide or role-scoped. Most firms start firm-wide for non-sensitive archives and add role-scoping for anything more sensitive.
The sources most worth connecting first
Not all data sources are equal in practical value. For most professional services firms, the highest-return connections follow a consistent pattern:
1. Deliverables archive
Past client work - memos, reports, analyses, proposals. This is where most firms have the richest institutional knowledge and the highest retrieval friction. AI that can search this archive and surface relevant past work changes how research and drafting tasks get started.
2. Knowledge base / wiki
Your firm's Notion workspace, Confluence, SharePoint knowledge base - wherever institutional process knowledge lives. The irony of most firm wikis is that they contain genuinely useful information that nobody reads because finding the right page requires knowing what to search for. AI access to the wiki makes it searchable by question, not by page name.
3. CRM / client context
Client history, relationship notes, matter summaries. AI connected to your CRM can provide relationship context before a client interaction without you having to manually pull the file. The value is proportional to how consistently your team records client information.
How the connection actually works
For Google Drive and Notion, Anthropic publishes MCP connectors that handle the integration. The setup involves authorizing the connection through the AI interface, specifying the folders or workspaces to include, and defining what the AI can do with what it finds - typically search and read, not edit or delete.
Once connected, the AI can be asked questions that require searching the connected source. "Find past research on the EU AI Act" returns relevant documents from your archive. "What is the standard approach for client onboarding?" queries your knowledge base. The answers come from your firm's actual information, not from general AI training.
The most important configuration choice is permissions scope. Connect to a folder, not a drive. Connect to a labeled client workspaces folder, not to everything in your CRM. Narrow scoping is easier to audit, easier to adjust, and far less likely to produce the kind of access problem that creates a security incident.
What to watch for once it is running
Two things tend to catch firms off guard after a connection is working:
First, AI will occasionally surface documents people forgot existed. This is usually a good thing - the point is to make historical knowledge accessible. Occasionally it surfaces something that should not be in the connected folder. Treat this as a signal to review the folder's contents, not a reason to remove the connection.
Second, output quality is directly proportional to data quality. If your deliverables archive is organized consistently and the documents are well-named, AI retrieval is fast and accurate. If the archive is a decade of files with inconsistent naming and no folder structure, the connection will work but require more prompting precision to get useful results.
The practical lesson: the data organization work you do before connecting pays dividends in retrieval quality afterward. Even a few hours spent organizing the archive into consistent folders by year and client type makes a noticeable difference.
Module 4 of Apparatus 202 covers internal data connections in detail - which sources to connect first, how to configure scope and permissions, and how to prompt effectively once the connection is live. The MCP connector explainer is useful background if the technology is new to you.