Tenant Isolation
What is Tenant Isolation?
Tenant IsolationThe set of controls that ensures one customer's data, identities, and workloads in a shared cloud or SaaS platform cannot be accessed or affected by another customer.
In multi-tenant cloud and SaaS architectures, many customers share the same underlying compute, storage, network, and control plane. Tenant isolation is the property that, despite this sharing, each tenant sees only its own data and resources and cannot influence the availability, integrity, or confidentiality of others. It is enforced at multiple layers: per-tenant IAM and data partitioning, network segmentation and VPCs, hypervisor and container isolation, hardware-backed memory protection, separate encryption keys per tenant, and rigorous request-scoping in application code. Failures show up as cross-tenant data leakage, IDOR bugs, noisy-neighbor effects, and side-channel attacks. Confidential computing and per-tenant KMS keys can strengthen isolation against insider and operator threats.
● Examples
- 01
A SaaS database that scopes every query by tenantId at the ORM layer.
- 02
Kubernetes namespaces plus NetworkPolicies separating tenants on a shared cluster.
● Frequently asked questions
What is Tenant Isolation?
The set of controls that ensures one customer's data, identities, and workloads in a shared cloud or SaaS platform cannot be accessed or affected by another customer. It belongs to the Cloud Security category of cybersecurity.
What does Tenant Isolation mean?
The set of controls that ensures one customer's data, identities, and workloads in a shared cloud or SaaS platform cannot be accessed or affected by another customer.
How do you defend against Tenant Isolation?
Defences for Tenant Isolation typically combine technical controls and operational practices, as detailed in the full definition above.
What are other names for Tenant Isolation?
Common alternative names include: Multi-tenant isolation.