Managing Multiple Tenants as an Organization
If you are a managed security service provider (MSSP) or a large enterprise running Surface Security for several business units, the organization layer lets you manage all of them from one place. An organization is a container that sits above your tenants: each tenant remains a fully isolated Surface Security environment (its own users, devices, alerts, and policies), while the organization gives your team a combined view across all of them plus centralized management tools.
Organization administrators sign in once, see cross-tenant dashboards, and can drop into any individual tenant's dashboard at any moment — without separate credentials per tenant. This page covers the organization sign-in, the Super Admin Panel and tenant switcher, and the four monitoring pages. For creating and administering tenants, groups, and licensing, see Tenant Management.
How it works
- Tenants stay isolated. Nothing about the organization layer weakens tenant boundaries. Each tenant's data remains scoped to that tenant; the organization views are read-across aggregations limited to the tenants your admin account is allowed to access.
- Two scopes, one session. An organization admin is always working in one of two scopes: the Organization scope (cross-tenant pages under the Super Admin Panel) or a single tenant scope (that tenant's normal dashboard). The tenant switcher in the header moves you between them instantly.
- Access can be narrowed per admin. An organization owner can grant an admin access to all tenants or only a specific subset. Every organization page respects those grants — an admin only ever sees tenants they have been given access to.
- Tenant groups narrow the lens. A tenant group is a named, saved subset of your tenants (for example "EMEA" or "Healthcare clients"). On the pages that support it, a Scope selector lets you view combined data for just one group instead of all tenants. See Tenant Management for creating groups.
Signing in as an organization admin
Organization admins use the same login page as tenant admins, but a separate sign-in mode:
- Open the Surface Security login page.
- Select the Organization admin sign-in link below the sign-in form. The subtitle changes to Sign in to your organization dashboard.
- Enter your organization admin email and password and select Sign in as organization admin. If your account has multi-factor authentication enabled, you will be prompted for your code.
- If your organization has configured single sign-on, enter your email and choose Sign in with SSO instead to authenticate through your identity provider.
To return to the normal tenant login form, select Back to tenant sign-in.
[SCREENSHOT PLACEHOLDER: Login page in organization mode — the "Sign in to your organization dashboard" subtitle, email/password fields, the "Sign in as organization admin" button, and the "Sign in with SSO" option.]
After signing in you land on the organization Command Center (Overview page).
The Super Admin Panel and the tenant switcher
Two controls move you between the organization view and individual tenants:
- Super Admin Panel — when you are inside a tenant's dashboard, an organization admin sees a Super Admin Panel button at the bottom of the sidebar. Selecting it switches you back to the organization scope and opens the Overview page. Regular tenant admins never see this button.
- Tenant switcher — a dropdown in the dashboard header, visible only to organization admins. It shows your current context (Organization when in the cross-tenant view, otherwise the active tenant's name). Opening it lists:
- Organization (labeled All tenants) — returns to the organization pages.
- A Search tenants... box and the list of your accessible tenants — selecting one switches you into that tenant's regular dashboard, exactly as its own admins see it.
[VIDEO PLACEHOLDER: Short clip showing an org admin opening the tenant switcher, searching for a tenant, switching into its dashboard, then using the Super Admin Panel button to return to the organization Command Center.]
While in the organization scope, the sidebar changes to the organization navigation, grouped into Monitor (Overview, Executive Dashboard, Alerts, Tenant Health), Manage (Tenants, Tenant Groups, Admins & Access, Licensing, Branding), Control (Org Policies, Policy Templates, Alert Routing, SSO), and Govern (Audit Log, Org Settings). This page covers the Monitor group.
Monitor pages
Overview (Command Center)
Super Admin Panel > Monitor > Overview
The Command Center is your landing page and daily starting point. It shows, across all of your accessible tenants:
- Tenants — the number of tenants under management.
- Protected endpoints — total seats in use, shown against your organization seat pool when one is set (for example
1,240 / 2,000). - Open critical — the count of open critical alerts across all tenants.
Below the stat cards, the Needs attention panel lists only the tenants that currently need action — those with expiring licenses (a License expiring badge) or open critical alerts (a red badge with the count). If everything is quiet it shows All tenants healthy. Selecting any entry switches you straight into that tenant's dashboard.
Finally, the Tenants table lists every tenant with its Name, Active users, Critical alerts, and License expiry (with an Expiring soon badge where relevant). Selecting a row switches into that tenant.
[SCREENSHOT PLACEHOLDER: The Command Center page — three stat cards (Tenants, Protected endpoints, Open critical), the Needs attention panel with a tenant showing a "License expiring" badge, and the Tenants table below.]
Executive Dashboard
Super Admin Panel > Monitor > Executive Dashboard
The organization Executive Dashboard is the same strategic security-posture view your tenants have, aggregated across every tenant in scope. It includes:
- The combined Security Posture score.
- KPI cards such as Active Threats (critical + high alerts), Auth Endpoints (discovered services), and MFA Adoption — each computed over all tenants in scope.
- The Alert Trend chart, Top Risk Categories, and Security Posture Factors breakdowns.
Unique to the organization view is the Tenant Risk Leaderboard at the bottom: tenants ranked by a composite risk score (higher is worse), with each row showing the tenant's posture score, open critical alert count, and a color-coded risk badge. Selecting a row switches you into that tenant's dashboard so you can investigate.
A Scope selector at the top of the page defaults to All tenants. Choosing one of your tenant groups restricts every number on the page — the posture score, KPIs, charts, and the leaderboard — to just the tenants in that group.
[SCREENSHOT PLACEHOLDER: The organization Executive Dashboard with the Scope selector set to a tenant group, the aggregate Security Posture score, KPI cards, and the Tenant Risk Leaderboard showing ranked tenants with risk badges.]
Alerts (Combined Alerts)
Super Admin Panel > Monitor > Alerts
The Combined Alerts page is a single queue of security alerts across all managed tenants — the same alert list experience your analysts already know from a tenant dashboard, with two additions:
- A Tenant column identifies which tenant each alert belongs to.
- The filter panel gains a Tenant filter, so you can narrow the queue to one or more specific tenants alongside the usual severity, type, and status filters.
A Scope selector at the top (defaulting to All tenants) lets you restrict the whole queue to a tenant group.
Opening an alert automatically switches your active scope to the tenant that owns it and takes you to the full alert detail page inside that tenant — screenshots, enrichment, triage actions, and all. To get back, use the Super Admin Panel button or pick Organization in the tenant switcher.
[SCREENSHOT PLACEHOLDER: The Combined Alerts page showing the Tenant column in the alert table, the Scope group selector at the top, and the filter panel expanded with the Tenant filter visible.]
Tenant Health
Super Admin Panel > Monitor > Tenant Health
Tenant Health is an operational board showing one card per tenant with the signals that tell you whether protection is actually running:
- The tenant's lifecycle status badge — Active, Suspended, or Deactivated.
- Last ingest — how recently the tenant last sent telemetry (for example "Last ingest 5 minutes ago", or "No data").
- Devices — active devices out of total, with an offline count when present.
- Active users.
- Critical alerts — with a red badge when any are open.
- License — the expiry date (or "Never"), with an Expiring soon badge where relevant.
Selecting a card switches you into that tenant's dashboard.
[SCREENSHOT PLACEHOLDER: The Tenant Health page showing a grid of tenant cards — one healthy Active tenant, one with an "Expiring soon" license badge, and one showing stale "Last ingest" with offline devices.]
Worked example: morning triage across 30 client tenants
An MSSP analyst starts the day:
- Sign in with Organization admin sign-in. The Command Center shows 30 tenants, 4 open critical alerts, and the Needs attention panel flags two tenants: "Acme Corp" with 3 critical alerts and "Northwind" with a License expiring badge.
- Open Alerts. Set the Scope selector to the "Priority clients" tenant group to focus on top-tier customers first, then use the Tenant filter to isolate Acme Corp's alerts.
- Open the most severe alert. Surface switches into Acme Corp's tenant automatically and shows the full alert detail; the analyst triages it there.
- Return via the Super Admin Panel button, then check Tenant Health. Northwind's card also shows "Last ingest about 6 hours ago" — worth a follow-up with the client about their extension rollout, in addition to the license renewal.
- The license renewal itself is handled on the Licensing page.
Troubleshooting and FAQ
I do not see the Super Admin Panel button or the tenant switcher. These appear only for organization admin accounts. If you signed in through the regular tenant form with a tenant admin account, they will not be shown. Sign out and use Organization admin sign-in.
A tenant is missing from my views. Organization pages only show tenants your admin account has been granted access to. An organization owner manages per-admin tenant access under Manage > Admins & Access.
The numbers on the Executive Dashboard look too small. Check the Scope selector — if it is set to a tenant group, every figure on the page is limited to that group. Set it back to All tenants for the full picture.
Does switching into a tenant require another login? No. Your organization session carries over; the tenant switcher changes your active scope instantly.
Can a tenant's own admins see organization data? No. Tenant admins see only their own tenant. The organization layer is one-directional: organization admins can look across tenants, never the reverse.