What Is Multi-Tenancy Security? (And How Does It Impact Embedded Analytics)
The single-tenancy vs. multi-tenancy debate still rages on. It used to be a stalemate, with SaaS vendors equally choosing between either architecture. But that’s changed, thanks to advancements in storage infrastructure and cloud computing.
To understand why multi-tenancy has been gaining lots of traction lately over single-tenancy, you might want to understand the difference between the two and most importantly, what’s meant when people talk about multi-tenancy security.
Multi-tenancy vs. Single-tenancy
We define multi-tenancy as a mode of software operation where multiple instances (read: tenants or customers) of one or more applications operate in a shared environment, with a single datastore.
Logically, the tenants are isolated; but physically, they’re still integrated.
It differs from single-tenancy in the sense that resources, display, backend database, and sometimes users are shared among the instances, which makes it both cheap and easy to maintain.
What’s Multi-tenancy Security?
Multi-tenancy security refers to data safety or privacy of tenants’ data in a multi-tenancy environment.
The biggest driving force of multi-tenancy hosting is efficiency and low maintenance cost, while the first risk that comes to mind when someone broaches up the idea is security.
Offering dozens or hundreds of tenants access to the same application or database other tenants are using raises the possibility of one of them using someone else’s data either by malice or accident.
This makes security a primary concern in multi-tenancy. In recent times, there has been a fundamental shift in how SaaS vendors protect their tenants’ data. Still, many customers don’t understand or trust some of these changes.
As a leading business intelligence platform with many years of experience in the industry, we came to realize that tenants operating in a cloud-based multi-tenant environment have many security concerns related to the protection and confidentiality of sensitive data.
Multi-tenant Privacy and Security Risks
We’ve outlined several privacy and security risks associated with multi-tenant hosting that needs to be adequately addressed:
- Risk Governance: In a multi-tenancy cloud deployment, tenants cede control to the SaaS vendor over all the issues they suspect may affect their privacy and security. But when the vendor’s agreement fails to offer a commitment to resolves all these issues, that can be translated to mean gaps in their security defenses.
- Responsibility Ambiguity: Responsibilities over certain aspects of privacy may be shared between the tenant and SaaS vendor. However, that poses the risk of some vital organs of the defenses being left unguarded, which draws more holes in their security defenses.
- Isolation Failure: Multi-tenancy is now the defining characteristic of public-cloud deployment. It’s also associated with the failure of the mechanism isolating the usage of routing, storage, memory, and the reputation between tenants.
- Security Incidents: The detection and reporting of security breaches are often delegated to the SaaS vendor. But it’s the tenant that feels the impact. It’s therefore critical that notification rules be negotiated in the contract to protect the customer from being caught unaware in case of unexpected delays.
- Data Protection: One major concern associated with multi-tenant hosting is the release or exposure of sensitive or personal data, the unavailability or loss of the data, or the over-retention of the data in case a tenant decides to terminate the service. Monitoring the data handling processes and practices may be difficult for the vendor.
- Malicious Behavior of Other Tenants or an Insider: The damages caused by another tenant in the shared environment or an insider working with the SaaS organization may be substantial, especially so because of the authorization they hold.
Multi-tenant Security Guidance
In this section of the post, we’ll be providing a series of prescriptive steps to follow in evaluating and managing the privacy and security concerns of users in a multi-tenant cloud system.
- Ensure there are effective governance and compliance processes: You can start by establishing privacy, security, and compliance policies that protect the corporate assets and intellectual property of your tenants.
- Audit Business and Operational Processes: Have an independent party audit the compliance of your IT systems, especially the system that hosts your application and tenants’ data. Make sure everything complies with the industry, corporate, and government policies and requirements.
- Manage People, identities, and Roles: The vendor must have a formalized system for managing their employees’ access to the resources that store, transmit, and execute customer applications and data. They should be able to demonstrate the overall effectiveness of this process to the tenant.
- Effective Isolation: Our cloud security framework makes secure multi-tenancy possible by enforcing encryption policies and access controls for cloud and virtual infrastructure, segmenting cloud deployments, and effectively isolating each tenant’s data and critical applications.
- Closely Monitor Collaborative Data Sharing: Collaboration controls will help you detect and monitor granular permissions on shared files, including those shared to users outside an organization via a web link. Employees may intentionally or inadvertently share confidential files through team spaces, emails, and cloud storage platforms such as Google Drive and Dropbox.
- Enforce Data Loss Prevention: Data Loss Prevention software is designed to monitor the outgoing transmission of sensitive data within a SaaS application and even blocks the transmission. The software can detect and even prevent this data from being downloaded to a personal device. It’s also designed to block hackers and malware from accessing and downloading the data.
How Can Yurbi Help?
Yurbi is a modern BI platform that supports both single-tenant and multi-tenant architectures.
Yurbi in Multi-tenant Environments
If you have adopted a multi-tenant architecture, Yurbi has built-in dynamic data level security policies which can restrict each user to seeing just the data they are authorized to see. You can learn more about the details here.
Yurbi allows you to segment tenants into isolated units, where users can not only view but also build reports and dashboards.
Users can schedule reports and have visibilities only to the data, reports, and users that are contained within their tenant. Even when all the data is centrally stored in a multi-tenant database.
Yurbi in Single-tenant Environments
If you have adopted a single-tenant architecture Yurbi supports that as well. There are multiple what you can leverage Yurbi in a single-tenant environment. If you provide wholly separate environments per tenant, simply install a separate Yurbi server as part of your tenant environment.
However, a Yurbi server per tenant is not needed.
A single Yurbi server can support many single-tenant environments due to our Yurbi App/Data Source model. You can learn more about the Yurbi App here, but essentially each client database has a unique connection with Yurbi and all permissions can be applied to allow a single user or group of users to only have access to that data source. Security is built-in to isolate data between tenants due to the single-tenant architecture.
If all your schemas are the same, you can even define the data source connection per user and leverage the same Yurbi App, this makes the source of data dynamic per user. However, if you do customize per customer, simply cloning a master Yurbi App allows you to customize the schema just for that customer.
Contact Us to Learn More
If Yurbi sounds like the embedded analytics that may fit your requirements, reach out to us and let’s discuss further.