I need the ability to deny VPN and location access at the organization level, rather than just at the account level. This would allow us to manage access more precisely for individual clients without affecting all clients globally.