Multi-tenancy andSecurity
Single-tenant architectures are provider managed and have a dedicated infrastructure and software instance, but the tenant retains full control over the software and infrastructure customization. Most single-tenant delivery models provide a high degree of user control, engagement, security, reliability, and backup capability. A single-tenant environment is an isolated one, so tenants are more flexible than in a shared infrastructure model. However, multi-tenant architecture is suitable for organizations that need to get up and running fast and are interested in reducing costs and maintenance overhead. However, companies should be aware of the limitations of the software in terms of performance, security, and customization.
Multi-tenant architecture shares resources between multiple tenants and can improve performance of the overall system. However, modern multi-tenant systems use advanced mapping and resource distribution mechanisms to make efficient use of resources and thus improve performance and reduce maintenance costs. Because resources are shared, the advantages are lower costs per user and efficient utilization of resources. Most vendors offer improved performance with strict service level agreements (SLAs) at an additional cost. It is easy to set up and has lower maintenance costs, from a customer perspective. This is used for processing or operations whether on-premises, off-premises, or hybrid.
Because of limited isolation between tenants in multi-tenant, and less than single tenant, and thus with more access points, attackers can more easily identify and exploit vulnerabilities in one tenant’s environment and use them to attack other tenants.
The second type of threat to database servers is a software security threat via old versions of server patches, SQL injection, authentication gaps, and lack of backups, which create vulnerabilities.
The third issue is related to data; e.g., data sanitization, during data in motion, and regulatory compliance. This issue can be resolved through policies and procedures or through policies related to governance through people component out of PPT (People, Technology, and Process) framework.
The increasing risk of security breaches of sensitive data requires proactive data management. Anti-ransomware and cybersecurity solutions are needed to implement the NIST framework, and advanced detection methods that reduce the threat exposure window should be used. Storage systems need to be adapted to include requirements of the National Institute of Standards and Technology (NIST), and the Cyber Security Framework (CSF) can be seen as a security checklist for storage infrastructure demands.
