Organizations

In InsightCloudSec, organizations allow for multi-tenant functionality to logically isolate resources, users, Bots, and Insights according to their unique uses. This capability, available under System Administration > Organizations, allows a managed service provider to manage multiple customers in single InsightCloudSec platform installation.

Cloud accounts and their resources can only belong to one organization and cannot be modified or viewed from another organization. Review our documentation around Badges for more information on configuring and managing InsightCloudSec organization functionality.

Provider Organizations

An InsightCloudSec organization is different from provider-specific organizations. Provider-specific organizations (available under Clouds > Organizations) are used to manage cloud accounts within the respective provider. Details on provider organizations are available here:

Management Hierarchy

The hierarchy of management within InsightCloudSec can be understood as follows:

Organizations (Enterprise Only) - Organizations allow for complete isolation between Cloud accounts, resources, and users on an installation. Cloud Accounts and their resources can only belong to one organization and cannot be modified or viewed from another organization.

Domains > Organizations > Groups/Roles/Users

Review the Users, Groups, and Roles (Identity Management) documentation) to learn more about the InsightCloudSec hierarchy and how users are managed.

Prerequisites

Before getting started you need to ensure you have the following:

  • A functioning InsightCloudSec platform installation
  • The appropriate permissions, i.e., since organizations are maintained at the domain level, managing organizations requires Domain Admin privileges.
    • During the installation process, enterprise customers will create their first user as a domain admin. When visiting the Domain Admin page in the Identity Management section of the tool, you will see this initial user.
    • Additional domain admins can be created. Domain admins have organization admin privileges since all organizations and permissions cannot be limited for these users.

Organization Visibility - User Permissions

Org admins and basic users do not see the organization list and cannot change organizations or modify organization details.

Adding an Organization

  1. Navigate to the cog (top right) Administration > System Administration and ensure you are on the Organizations tab. Locate the Create Organization button.
  2. Give the new organization a name. Optionally you may also use a previous organization as a template. Click Submit to complete. For this example we named it InsightCloudSec QA Team.
    • If you select a source organization, the Insights, roles, and user groups will be copied over to the new organization. If left blank, then the organization will be empty. For this example we left it blank.
  3. Once you create the new organization, the system will redirect you back to the main System Administration page.
    • Scroll through the list of organizations or use the search field to locate the new organization.

Managing an Organization

To manage, edit, or delete an existing InsightCloudSec organization, navigate to the System Administration page (under Administration from the left-side menu); Organizations is the first tab/section that displays on the page.

Navigate to the target organization and select the Actions menu on the left side of the organization name.

Actions available for existing organizations include the following:

  • Update -- Update the name of the organization
  • Configure Email (SMTP) -- Configure the SMTP settings for this organization. Users also have the option to enable SMTP to apply to all organizations in an InsightCloudSec installation.
  • Configure Navigation Menu Blocklist -- Configure the Navigation Menu for this organization
  • Delete Email Configuration -- Delete the SMTP configuration for this organization
  • Update Badges -- Add or remove cloud badges for this organization
  • Delete -- Delete this organization (this option is not available for an active organization). Any Insight Packs created under this Organization will also be removed.