Data isolation in multitenant applications

Isolating data is one of the more challenging aspects of building multitenant SaaS applications. Between the extremes of sharing all resources between tenants and provisioning individual resources for each tenant there are many tradeoffs to consider. What’s important is to know the possible options and to select the best solution for the given problem.

Data is generally the most sensitive resource a company has. From a technical perspective, the actual requirements behind multitenancy dictate the level of data isolation.

For tenant isolation at the database level there are three main options: separate database per tenant, separate schema per tenant, and partitioned data. ORM frameworks like Hibernate provide support for all these options.
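The partitioned-data option relies on every statement carrying the tenant key, so the sketch below (an added example, not from the original article, using Python's sqlite3 instead of Hibernate) binds a repository to one tenant and shows that another tenant's rows cannot be read or updated through it. The `invoice` table, the `TenantInvoices` class and the tenant names are assumptions made for illustration.

```python
import sqlite3

# Constructed schema: one table shared by all tenants ("partitioned data").
SCHEMA = """
CREATE TABLE invoice (
    tenant_id TEXT    NOT NULL,
    id        INTEGER NOT NULL,
    amount    INTEGER NOT NULL,
    PRIMARY KEY (tenant_id, id)   -- ids are unique only within a tenant
);
"""

class TenantInvoices:
    """Hypothetical repository bound to one tenant; callers never pass tenant_id."""

    def __init__(self, conn, tenant_id):
        if not tenant_id:
            raise ValueError("tenant_id is required")
        self._conn, self._tenant = conn, tenant_id

    def add(self, invoice_id, amount):
        self._conn.execute(
            "INSERT INTO invoice (tenant_id, id, amount) VALUES (?, ?, ?)",
            (self._tenant, invoice_id, amount))

    def get(self, invoice_id):
        row = self._conn.execute(
            "SELECT amount FROM invoice WHERE tenant_id = ? AND id = ?",
            (self._tenant, invoice_id)).fetchone()
        return row[0] if row else None

    def all_ids(self):
        rows = self._conn.execute(
            "SELECT id FROM invoice WHERE tenant_id = ? ORDER BY id",
            (self._tenant,))
        return [r[0] for r in rows]

    def update_amount(self, invoice_id, amount):
        cur = self._conn.execute(
            "UPDATE invoice SET amount = ? WHERE tenant_id = ? AND id = ?",
            (amount, self._tenant, invoice_id))
        return cur.rowcount  # 0 means the row does not belong to this tenant

def demo():
    """Build constructed sample data for two tenants with overlapping ids."""
    conn = sqlite3.connect(":memory:")
    conn.executescript(SCHEMA)
    acme, globex = TenantInvoices(conn, "acme"), TenantInvoices(conn, "globex")
    acme.add(1, 100)
    acme.add(2, 250)
    globex.add(1, 999)  # same id as acme's invoice 1, different tenant
    globex.add(7, 40)
    return acme, globex
```

The composite primary key matters as much as the `WHERE` clause: with a global `id` key, a guessed identifier plus one query missing the tenant predicate is enough to cross the tenant boundary.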

With regard to messaging, the most common data isolation patterns are using a separate messaging system per tenant, an option that provides a higher isolation level at the expense of increased costs, or using the same messaging system for multiple tenants with separation at the queue, topic or subscription level. Apache Kafka is designed to support multitenant systems by isolating data with authentication, authorization, and encryption, isolating user namespaces, and isolating performance with quotas.