I am not sure if I understand access rights for organizations/customer. If I have Organization X, and under it Customer 1, Customer 2, Customer 3. If Customer 3 raises request in service desk, is it shared with Customer 1 and Customer 2?
And if they search it they will not see requests from other customers unless it was shared with them? You can see that my concern is security, we would switch to Organization/Customer, I am just afraid of data leakage between customers
Correct. where you need to place care is to not mix customers across Organizations. So, you should restrict who is responsible for adding/managing customers.
There is an enhancement request for JSD to support domains for organizations which would be nice - JSDCLOUD-4417 and there is a corresponding server issue as well. I recommend watching and voting on this issue.