Data Isolation and Org Boundaries
Who this is for
Teams running multiple organizations, or anyone who wants to understand how CloudAIPilot isolates data between organizations.
What you will complete
Understand the organization as the fundamental isolation boundary, what is shared between orgs, and what is strictly isolated.
The organization as the isolation boundary
In CloudAIPilot, every resource — servers, sites, apps, backups, cloud accounts, notification channels, AI memories, alert rules — belongs to exactly one organization. There is no sharing of resources between organizations.
A user account can be a member of multiple organizations, but:
- Switching organizations in the dashboard completely changes your view.
- No data from Organization A is visible in Organization B.
- Actions in Organization A have no effect on Organization B.
What is strictly isolated per organization
| Resource | Isolation |
|---|---|
| Servers and VMs | Not shared across orgs |
| Sites and apps | Not shared across orgs |
| Backups and backup storage | Not shared across orgs |
| Cloud account credentials | Not shared across orgs |
| Alert rules and alert events | Not shared across orgs |
| Notification channels | Not shared across orgs |
| AI Pilot memories | Not shared across orgs |
| Team members | Membership is per-org — a user in Org A has no implicit access to Org B |
| Audit logs | Separate per org |
| Billing | Separate per org |
What is shared at the user level (not between orgs)
A user's identity (email address, password, SSO connection) is shared across all organizations they are a member of — they use the same login. However, this does not mean data is shared. The identity is just the authentication credential.
Multi-org scenarios and best practices
Agency managing multiple client organizations: Create a separate organization for each client. The agency owner (who has Owner access to all client orgs) can switch between them, but clients in one org cannot see another client's data.
Internal team with dev/staging/production separation: Option A: Use one organization with server environment tags (dev, staging, production) and Production Protection enabled. Option B: Use separate organizations for prod vs. non-prod for maximum isolation. The choice depends on whether you want your team to have visibility across all environments (one org) or strict separation (multiple orgs).