The List You Came For vs. The List That Matters
If you came looking for a list of construction companies, ENR's Top 400 Contractors1 is the directory you want. But if you lead an AEC firm, the more urgent "list" question this year isn't who's biggest— it's which AI tools your team is allowed to use, and which ones aren't.
That's the list most $20M–$100M AEC firms haven't built yet. It's also the list their teams are improvising daily, in DMs and side conversations, every time someone asks whether they can paste a spec section into ChatGPT.
This article gives you the definitions, the AEC-specific stakes, a four-criteria decision rubric, a sample one-page list, and a review cadence. Before we get to AEC-specific stakes, the terms themselves— allow-list and block-list— aren't interchangeable, and the difference shapes everything that follows.
Allow-List vs. Block-List, Defined
An allow-list permits only explicitly approved AI tools to be used; a block-list permits all AI tools except those specifically prohibited. NIST recommends allow-listing as the preferred posture for managed environments handling sensitive data2.
The difference comes down to one question: what's the default? Allow-list = default deny. Block-list = default allow. Everything else is a consequence of that one choice.
Terminology note: allow-list and whitelist are the same concept, as are block-list, blocklist, and denylist. The industry has moved to "allow-list/block-list" language, though NIST's foundational document still uses the older terms. Both NIST and CISA3 recommend allow-listing for managed environments— meaning environments where centralized control over what runs is feasible. That description fits most AEC firms more than it fits, say, a research lab.
| Allow-List | Block-List | |
|---|---|---|
| Default behavior | Deny by default | Permit by default |
| Security posture | Stronger | Weaker |
| Operational overhead | Higher (must approve before use) | Lower (must catch problems) |
| Best for | Sensitive data, regulated work | Open environments, rapid experimentation |
Those definitions are field-tested in enterprise IT. What makes them urgent for AEC firms specifically is what your tools touch.
Why This Decision Is Different for AEC Firms
AEC firms face three pressures most industries don't share at the same intensity: client confidentiality clauses on bid and project data, professional liability tied to sealed and stamped work, and AI features being silently added to tools your team already uses every day.
The three AEC-specific pressures:
- Bid and client confidentiality. AIA-form contracts and bespoke owner agreements commonly restrict third-party processing of project information. When a project narrative or fee schedule lands in a consumer AI tool, you may be in contract territory before you're in security territory.
- Stamped and sealed work. Professional liability changes the calculus. When a structural drawing gets pasted into a consumer AI tool, the question isn't just data leakage. It's whether you've put a stamped deliverable into a contract violation.
- JV and subcontractor exposure. Your governance ends at your firm boundary. Shared project data does not. Your allow-list is part of how you stay defensible inside a joint venture.
The "AI you didn't ask for" problem. The biggest near-term governance risk for AEC firms isn't ChatGPT in the open— it's AI quietly embedded in tools you've already approved. Microsoft 365 Copilot4 runs inside your existing M365 tenant. Procore is shipping AI features into the platform many AEC firms have standardized on5. Bluebeam Revu and Autodesk's product line are moving the same direction. The original tool approval predates the AI behavior— and most firms haven't gone back to re-review.
A solid AI governance strategy framework treats embedded AI as a separate decision from the platform itself. That distinction is where most AEC governance falls down.
Knowing the stakes is half the work. The other half is a rubric you can apply to any tool— old, new, or sneaking in through the back door of a vendor update.
A Four-Criteria Decision Rubric
Run any AI tool— proposed, embedded, or already in use— through four questions: what data does it touch, how does the vendor handle that data, what do your client contracts say, and how reversible is the decision?
Tool governance is the operational expression of data classification. You can't allow-list a tool without first knowing what data it sees. Use this as your AI decision framework for founders when a vendor pitches the next thing.
1. Data sensitivity. Sort the data into tiers: public/marketing, internal ops, client project data, and sealed deliverables. The higher the tier, the stricter the posture. The question to ask out loud: what's the worst document this tool will ever see?
2. Vendor data handling. Does the vendor train models on your inputs? Enterprise and consumer terms differ materially. OpenAI does not train on Business, Enterprise, or API customer data by default; consumer ChatGPT terms differ6. Anthropic does not train on commercial product or API inputs by default7. Microsoft 365 Copilot operates within the customer's tenant data boundary, with admin control over enablement and access4. These three are reasonable enterprise-tier defaults— but the tier you're actually paying for matters more than the brand.
3. Contract constraints. AIA confidentiality clauses, federal CUI rules where applicable, owner-imposed restrictions— AI tool choice can be a contract compliance question, not just an IT one. Your insurance carrier may also have an opinion; if E&O coverage hinges on how deliverables are produced, ask before you assume.
4. Reversibility. Can you turn it off cleanly? Has data already left? Embedded AI in a multi-year platform contract is the worst case— harder to unwind than a SaaS subscription. Be honest about the hidden costs of AI projects before you commit. If a decision can't be undone in a quarter, treat it like a contract— not a tool subscription.
| Vendor Tier | Default Training Behavior | Typical Use |
|---|---|---|
| Free / Consumer | May use inputs for training | Personal experimentation only |
| Business / Pro | Generally does not train on inputs (varies by vendor) | Team work, internal data |
| Enterprise / API | Does not train on inputs by default; admin controls available | Client project data |
The rubric is how you decide. The next question is what the decision actually looks like on paper— and what to do with tools that aren't ready for either list yet.
What Goes on Each List (With a Sandbox Tier)
Most AEC firms need three lists, not two: an allow-list of approved tools, a block-list of prohibited tools, and a sandbox tier where evaluation happens under controlled conditions.
A sandbox tier is what keeps allow-listing from becoming synonymous with stagnation. Two lists tell your team what to do. The third list tells them how to ask.
Allow-list examples. ChatGPT Enterprise, Claude for Work, Microsoft 365 Copilot with admin controls configured, firm-issued GitHub Copilot, Procore AI features that respect existing contract terms. These are reasonable starting points, not prescriptions— each firm needs to confirm the tier it's actually licensed for.
Block-list examples. Free or consumer ChatGPT for any client-data work. Consumer-tier tools that train on inputs. Any tool that hasn't been reviewed yet. The "hasn't been reviewed" category is the one most firms miss— if it's not on a list, it should default to block, not "we'll deal with it later."
Sandbox tier. A defined process: a named pilot user, anonymized or synthetic data only, time-boxed evaluation (30 or 60 days), and explicit exit criteria— promote to allow-list, demote to block-list, or extend the pilot with a reason. Without exit criteria, every sandbox becomes permanent.
Embedded AI handling. When a vendor adds AI features to an approved tool— Procore's AI suite, a Bluebeam update, the next Autodesk release— that capability goes back through the rubric. "Already approved" doesn't grandfather the new behavior.
Lists are static. AI tools aren't. The last piece is the cadence and ownership that keeps the list from rotting.
Cadence, Ownership, and the One-Page Test
Review the list quarterly at minimum, monthly during periods of active AI tool proliferation. Ownership sits with three people— an ops leader, IT, and a managing principal— not a committee.
The NIST AI Risk Management Framework8 structures governance around four functions: Govern, Map, Measure, and Manage. Govern explicitly addresses tool selection and acceptable use. Translation: ownership and cadence are not optional infrastructure.
Why these three roles? IT alone doesn't see the contract layer. A principal alone doesn't see the technical reality. An ops leader alone doesn't have the authority. All three, none of them a committee.
A one-page list with quarterly review beats a six-page acceptable use policy nobody reads. If your AI policy needs a meeting to interpret, the meeting is the policy.
| Tool | Tier | Approved Data Class | Last Reviewed |
|---|---|---|---|
| ChatGPT Enterprise | Allow | Client project data | 2026-04 |
| Microsoft 365 Copilot | Allow | Internal ops, client data (with controls) | 2026-04 |
| Procore AI features | Sandbox | Internal ops only, pilot user | 2026-04 |
| Free ChatGPT (consumer) | Block | None | 2026-04 |
Three questions for any new tool: what data does it touch, what's the vendor doing with that data, and what does the contract say? If a principal can't answer those in under five minutes, the tool isn't ready for the allow-list yet.
That's the framework. A few common questions before we close.
Frequently Asked Questions
Is an allow-list the same as a whitelist? Yes. The industry has shifted to "allow-list/block-list" terminology, but NIST's foundational document2 still uses "whitelist." Same concept, updated language.
Does OpenAI train on my data if my firm uses ChatGPT? OpenAI does not train on Business, Enterprise, or API customer data by default6. Free ChatGPT consumer accounts have different terms— which is why most allow-lists distinguish between the two tiers.
Does Microsoft Copilot send our data outside our tenant? Per Microsoft's documentation4, Copilot for Microsoft 365 operates within the customer's tenant data boundary. Tenant administrators control whether Copilot is enabled and how it accesses data.
What about AI features inside Procore or Bluebeam? Treat them as new tools requiring re-review under your rubric, even if the parent platform is already approved5. The original approval predates the AI behavior. This is the embedded-AI blind spot most firms miss when they're hunting through their list of construction companies' AI policies for a template.
Do small AEC firms really need a formal AI acceptable use policy? A formal AUP may be overkill. A one-page allow-list with quarterly review and clear ownership is sufficient for most $20M–$100M firms— and likelier to actually get read. Format follows function. If the document doesn't get used, the policy doesn't exist.
Governance as Permission, Not Restriction
The point of the list isn't to slow your firm down. It's to give your team explicit permission to use the right tools confidently— and to keep the wrong tools from becoming the firm's exposure.
AI governance done well is what permission looks like in writing. Done poorly, it becomes the document everyone routes around. The difference is whether it gives your team a clear "yes" alongside the necessary "no"— and whether building an AI culture on top of it is something the team actually wants to do.
If your firm is sorting through these tool decisions and the embedded-AI surprises that come with them, an implementation partner can help map the right governance posture to your specific contracts and workflows— Dan Cumberland Labs works with AEC firms on exactly these decisions through our AI Strategy services.
The list isn't the constraint. The list is the permission slip.
References
- Engineering News-Record, "Top 400 Contractors" (2024) — https://www.enr.com/toplists/2024-Top-400-Contractors-Preview
- NIST, "SP 800-167: Guide to Application Whitelisting" (2015) — https://csrc.nist.gov/publications/detail/sp/800-167/final
- CISA, "Application Allowlisting Guidance (AA20-205A)" (2020) — https://www.cisa.gov/news-events/cybersecurity-advisories/aa20-205a
- Microsoft, "Data, Privacy, and Security for Microsoft 365 Copilot" (2024) — https://learn.microsoft.com/en-us/copilot/microsoft-365/microsoft-365-copilot-privacy
- Procore, "AI on the Procore Platform" (2024) — https://www.procore.com/platform/ai
- OpenAI, "Enterprise Privacy at OpenAI" (2024) — https://openai.com/enterprise-privacy/
- Anthropic, "Privacy Policy" (2024) — https://www.anthropic.com/legal/privacy
- NIST, "AI Risk Management Framework (AI RMF 1.0)" (2023) — https://www.nist.gov/itl/ai-risk-management-framework
