Skip to main content

Division

Tip

Divisions provide multi-tenancy within a single DigiCert ONE account and enable more precise control of user access and resource management.

Divisions are typically used to represent subtenants, such as business units, product lines, or customer segments. Each division functions within a separate, confined environment. This setup protects sensitive information and simplifies management by clearly delineating boundaries within a single DigiCert ONE account.

Rendezvous zone access

By default, all accounts and divisions in Device Trust Manager share a common set of Rendezvous zones. This means that regardless of the division a user is assigned to, devices within the account will use the same Rendezvous zone for initial communication and provisioning.

Resource access control

Divisions control access to a variety of key resources in Device Trust Manager.

Table 1. Division resource access control

Resource

Access control

Device groups

Limit access to specific device groups.

Certificate profiles

Limit access to certificate profiles.

Certificate management policies

Ensure that certificate management policies are applied only within the scope of the division.

Software updates

Control which artifacts and releases are available for devices within a division.


Tip

By assigning users to a specific division, you ensure they only see and interact with the content and resources assigned to that division.

Example use case of divisions

Imagine a company, Acme Solutions, that provides IoT devices to different sectors, such as healthcare and retail. Each sector would be considered a subtenant. Acme Solutions would create a division for each of these sectors, ensuring that both operate completely independently within the same parent account. This separation allows for isolated management and data integrity for each division, maintaining a clear boundary between the operations and data of the different sectors.

In this example, divisions help Acme Solutions manage their operations more effectively by keeping data and access control distinct for each subtenant.