Our definition: Multitenancy defines IT architectures that let multiple customers (tenants) share the same applications and/or compute resources with security, reliability, and consistent performance.
Our research yielded three major findings about multitenant architectures. These are:
- Multitenant architectures must strike a balance between sharing and security. To deliver cost savings and scalability, a multitenant architecture must be able to manage dynamic resource consumption by its tenants without violating their security. These two goals ultimately conflict with one another, since shared resources and individual security rarely go hand in hand.
- Two common multitenant architecture models have arisen. Dedicated resource models stake boundaries within shared infrastructure, defining the resources a tenant can access, allowing for tangible and secure walls but lower flexibility. Metadata map models chart protected pathways to shared resources, allowing for increased flexibility, but they ultimately may feel less secure.
- Despite resource sharing, multitenancy will often improve security. Most current enterprise security models are perimeter-based, making you vulnerable to inside attacks. Multitenant services secure all assets at all times, since those within the main perimeter are all different clients. Leveraging a mix of dedicated resources and metadata map architectures, these services can deliver stronger security.
Our recommendation: Know how cloud multitenancy works before using it (or dismissing it). Multitenancy is here to stay. Our research and analysis indicates that multitenancy is not a less secure model — quite the opposite! But you should still understand the type of multitenancy used by any service you consume, the security responsibilities you must take on, and whether any supplemental responsibilities are yours to ensure strong security, service reliability, and good performance.
Forrester clients can read the full report here.
Posted by John R. Rymer in collaboration with James Staten