Organization admin overview

You're the principal, the IT director, or whoever signed your school up for TSNC. Here's the lay of the land โ€” what you can do, where to find it, and what to focus on first.

๐Ÿ”’ thoushaltnotclick.com/admin/dashboardTSNCDashboardOrg ProfileStaffCampaignsAnalyticsActivity LogAdmin DashboardSt. Mary's Catholic School ยท 47 staffActive Staff47Trust Score Avg84Caught This Mo.12Pending Items3Recent CampaignsQ1 Vendor SpoofSent47/47Microsoft 365Sent47/47Tax RefundDraft0/47This Week๐Ÿ“ˆ Trust score up 4 points๐Ÿ‘ค 2 new staff onboarded๐Ÿšจ 1 phishing email reported๐Ÿ“š 8 training modules doneStaff Leaderboard๐Ÿ† Sister TheresaCaught: 8Score: 96๐Ÿฅˆ Mr. GarciaCaught: 7Score: 92๐Ÿฅ‰ Mrs. ChenCaught: 6Score: 88
The Org Admin dashboard โ€” Your home base. Stats, recent campaigns, and your staff leaderboard.

What an Org Admin can do

As an Org Admin (you'll have either the Principal or IT Admin role), you can do everything that touches your school but nothing that touches another. You're scoped to one organization. Specifically:

  • Manage staff โ€” invite teachers and staff, assign roles, deactivate departing members
  • Run phishing simulations โ€” send realistic-but-fake phishing emails to test your team
  • Manage your password vault โ€” store, share, and recover your school's passwords
  • Configure org settings โ€” school details, leadership, faith tradition, branding
  • Review activity โ€” see and undo other admins' actions, including yours
  • Refer & earn โ€” earn $100 per school you refer that signs up
โœ๏ธ
Two-admin minimum strongly recommended
Almost every important action in TSNC is designed to work better with two admins than one. The Activity Log lets a peer review and undo your actions. Vault recovery requires a co-approval in some cases. Have at least one principal AND one IT admin so you can keep each other honest.

Where to start

If you're brand new to TSNC, work through these in order. Each step takes about 10 minutes and unlocks the next. Don't try to do everything in one sitting.

1. Finish your org profile

Org profile & settings โ†’

Add your school name, address, faith tradition, principal and pastor names. This affects how TSNC presents itself to your staff (a Catholic school sees Catholic-context examples; a secular school sees plain ones).

2. Invite your IT director (and trusted backup)

Managing staff โ†’

Don't set up TSNC alone. Invite at least one other person with admin privileges so you have a peer to check your work and recover access if you're ever locked out. The two-admin pattern is the single most important security recommendation we make.

3. Send your first campaign (to yourself first)

Phishing campaigns โ†’

Pick a template, send it to just you and your IT admin. See what staff will see. Then you can send it to the whole team confidently.

4. Set up your password vault

Password manager โ†’

If your school stores any shared accounts (Google Workspace, PowerSchool, social media, etc.), the vault is where they live. We'll walk you through master password setup, escrow recovery (so a departing teacher doesn't lock you out), and shared collections.

What an Org Admin cannot do

These are intentional restrictions to keep things safe. If you're hitting one of them, there's usually a different feature you should use instead.

  • Deactivate another principal or IT admin โ€” peer admins can't deactivate each other from the staff page. This prevents one rogue admin from locking the others out. Contact TSNC support if you need to transfer the role.
  • Wipe your own vault โ€” the wipe button works on other users' vaults but not your own. To reset your own master password, use the change master password flow in the vault.
  • See or modify other schools' data โ€” your scope ends at your org boundary. Even reports show only your staff.
  • Override a co-approval gate โ€” when the system asks for a second admin's sign-off, there's no way to bypass it as a single org admin. That's the point.

The four things to know about safety

  • MFA can be required for password manager access โ€” your organization decides. If your org has MFA enforcement turned on, you'll be prompted to set it up the first time you try to use the password manager.
  • Every modifying admin action is logged in the Activity Log. Other admins can review and undo what you do; you can do the same to them.
  • Vault wipe is irreversible. When you wipe a vault, the encrypted data is destroyed. We can't recover it from backups (we don't have the keys). Use vault recovery instead when possible.
  • You'll get an email any time someone undoes your action. Peer review goes both ways.
Next โ†’
Org profile & settings