A company may maintain more than one tenant of a cloud service such as Microsoft Microsoft
365 or Box due to business needs, operations in multiple countries, or mergers and
acquisitions. Managing multiple service provider tenants, for example, Microsoft Entra
ID tenants, can be challenging. It often results in an incomplete and inconsistent
view of service data and users over the corporate network.
By introducing organization management, Cloud Email and Collaboration
Protection
enables you to use one single CLP, LMP, or local account to manage and visualize the
security posture across all your tenants' services, which could be done only by
switching among multiple CLP accounts before.
If your corporate structure is complex or you implement multiple tenants of a single
or several cloud services for your business needs, Trend Micro recommends you group
all cloud services of the same sub-organization entity within one
organization that you create on the management
console.
The steps outlined below illustrate how to use this feature across the Cloud Email and Collaboration
Protection management console.
Procedure
- Log on to the Cloud Email and Collaboration
Protection management
console.A default organization is automatically created. If you do not need more organizations, you can grant Cloud Email and Collaboration Protection access to and protect all your cloud services under this default organization.
- Add organizations if you decide to have more, for example, if you have two
Microsoft Entra ID tenants to manage.For more information, see Organization management.A Current organization drop-down list with options including the default organization, the organizations you have created, and All organizations will appear on each of the main screens, except the Administration screen.
- Select an organization and grant access to the cloud services
you manage under this organization.
Note
For more information, see Different ways to begin granting access.You can grant Cloud Email and Collaboration Protection access for one tenant under only one organization. For example, after you granted access to the Exchange Online service account for Microsoft Entra ID tenant A under one organization, you are not able to grant access for Microsoft Entra ID tenant A again under another organization. - Select an organization and configure Advanced Threat Protection and Data Loss Prevention policies for the services to which you have granted Cloud Email and Collaboration Protection access under this organization.
- View threat detection and policy enforcement data on the
Dashboard, Logs, and
Quarantine screen.You can view the data of each organization respectively by selecting an individual organization in the Current organization drop-down list or view the aggregated data by selecting All organizations.
Note
If you set Current organization to All organizations, you cannot export the aggregated data on Dashboard or generate reports on Logs. - Go to Administration and configure additional settings for specific or all available organizations.