Real Organizations: Defining Ownership and Access in White Cloud Security
Overview
Real Organizations (or simply Orgs) in White Cloud Security define the root ownership entity for an account hierarchy. Unlike Virtual Organizations, which provide flexible grouping for reporting and visibility, Real Orgs serve as the foundational structure for access control, alerting, and domain ownership validation.
Each Real Org is created with a set of identifying and functional fields that tie the organization to a real-world entity or business unit.
Creating a Real Organization
To create a Real Org, administrators must specify the following:
Org Name
- A human-readable name that represents the organization.
- Example:
Acme Corp
Org Label
- Used to distinguish subdivisions within the same organization name.
- Default value is Main Account, but can be customized.
- Example:
Main Account,IT Department,Finance Team
Org Domain Name
- A fully qualified domain name (FQDN) that uniquely identifies the organization.
- This value is often used for domain ownership verification and trust boundaries.
- Example:
acme.com
Org Alert Email Address
- One or more email addresses to receive system alerts or important notifications related to the Org.
- Example:
security-alerts@acme.com
These fields collectively define a Real Organization that acts as a root entity for grouping users, devices, and policies.
Purpose of Real Orgs
Real Orgs serve multiple foundational purposes in the White Cloud Security platform:
- Anchor for Main Accounts: A Real Org defines the top-level ownership container for all Subgroups, Security Groups, Admin Groups, and Policy Profiles beneath it.
- Trust and Identity: The Org Domain Name helps validate identity and enforce Zero-Trust boundaries.
- Alert Routing: Org Alert Emails ensure critical notifications are delivered to organizational contacts.
- User Assignment: Real Orgs define the default scope for user access and login identity.
Assigning Users to Real Orgs
Users must be explicitly assigned to one or more Real Orgs to gain access. This assignment determines which organizational resources and Security Groups a user can interact with.
Primary Org Assignment
When a user is assigned to a Real Org, the first Org they are added to becomes their Primary Org.
How to Set a User’s Primary Org
- Assign the user to a Real Org (this becomes their Primary Org).
- If you need to change their Primary Org:
- Remove the user from their current Primary Org.
- Re-assign the user to the desired Org.
- That newly assigned Org now becomes the new Primary Org.
Key Notes
- A user can be a member of multiple Orgs.
- Only one Org can be the Primary Org at any given time.
- The Primary Org governs default behavior for user login, visibility, and access scoping.
Summary
| Field | Description |
|---|---|
| Org Name | The primary name of the organization. |
| Org Label | Optional label to distinguish subdivisions (defaults to "Main Account"). |
| Org Domain Name | FQDN to uniquely identify the Org by domain ownership. |
| Org Alert Email | Notification email(s) for system alerts. |
Real Orgs establish the backbone of organizational identity and access within White Cloud Security. They represent real ownership boundaries, provide system alert routing, and allow users to be logically and securely grouped under their correct entity.
By assigning users to Real Orgs — and managing their Primary Org status — administrators can precisely control access, visibility, and alerting in multi-tenant or enterprise environments.