Multi-tenant architecture: how BetterFlow isolates company data
When multiple companies use the same SaaS platform, data isolation is the most critical security requirement. One company must never see another company's data, even if both use identical features. At BetterQA, we built BetterFlow with multi-tenant architecture from day one because our consultancy serves multiple clients who would never accept shared data exposure.
This technical overview explains how multi-tenant isolation works and what to look for when evaluating SaaS platforms for sensitive business data like timesheets.
What multi-tenancy means
Multi-tenancy is the practice of serving multiple customers (tenants) from a single application deployment. The alternative, single-tenant deployment, gives each customer their own isolated instance. Multi-tenancy is more cost-effective but requires careful engineering to prevent data leakage.
BetterFlow uses a shared-database multi-tenant model with row-level security. All tenants share the same database, but every table includes a tenant_id column, and all queries filter by tenant.
Row-level security enforcement
The fundamental protection in BetterFlow is that every database query includes tenant context. This is enforced at the application layer:
- Every model automatically scopes queries to the current tenant
- The current tenant is determined from the authenticated user's session
- There is no API endpoint that queries data without tenant context
- Database queries are audited to ensure tenant_id appears in WHERE clauses
This means that even if a bug allowed access to a different user's data, that data would belong to the same tenant, not to a different company.
Tenant context isolation
Beyond database queries, tenant isolation extends to:
File storage: Uploaded files are stored in tenant-specific directories. File access checks include tenant validation.
Cache keys: Cached data includes tenant_id in the cache key. One tenant's cache cannot be accessed by another.
Background jobs: Scheduled tasks that run across tenants (like sending weekly reports) iterate through tenants independently rather than operating on global data.
API rate limits: Rate limiting is per-tenant to prevent one tenant's usage from affecting others.
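The three non-database controls above (tenant-scoped file paths, cache keys and per-tenant rate limiting) as an added Python example. This is illustrative code written for this overview, not BetterFlow's implementation; the storage root, the tenant names and the limit of 3 requests per 60 seconds are constructed values.

```python
import posixpath
import re
from collections import defaultdict, deque

# Constructed values for the example; a real deployment takes these from config.
STORAGE_ROOT = "/var/app/uploads"
RATE_LIMIT = 3        # requests allowed per tenant ...
RATE_WINDOW = 60.0    # ... within this many seconds

_TENANT_ID = re.compile(r"^[A-Za-z0-9_-]+$")


def escapes_tenant_storage(tenant_id: str, requested_name: str) -> bool:
    """True if the requested file name would resolve outside the tenant's directory."""
    tenant_dir = posixpath.join(STORAGE_ROOT, tenant_id)
    # lstrip('/') so an absolute name cannot replace the tenant directory;
    # normpath collapses '..' segments without touching the filesystem.
    candidate = posixpath.normpath(posixpath.join(tenant_dir, requested_name.lstrip("/")))
    return not candidate.startswith(tenant_dir + "/")


def tenant_file_path(tenant_id: str, requested_name: str) -> str:
    """Absolute path for an upload inside the tenant's own directory.

    Raises ValueError for a malformed tenant id and PermissionError when the
    name escapes the tenant directory, so a file name can never address
    another tenant's storage.
    """
    if not _TENANT_ID.match(tenant_id):
        raise ValueError(f"malformed tenant id {tenant_id!r}")
    if escapes_tenant_storage(tenant_id, requested_name):
        raise PermissionError(f"{requested_name!r} escapes storage of tenant {tenant_id}")
    tenant_dir = posixpath.join(STORAGE_ROOT, tenant_id)
    return posixpath.normpath(posixpath.join(tenant_dir, requested_name.lstrip("/")))


class TenantCache:
    """In-memory cache whose keys are always prefixed with the tenant id,
    so the same logical name under two tenants maps to two distinct entries."""

    def __init__(self):
        self._store = {}

    @staticmethod
    def _key(tenant_id: str, name: str) -> str:
        return f"tenant:{tenant_id}:{name}"

    def set(self, tenant_id: str, name: str, value):
        self._store[self._key(tenant_id, name)] = value

    def get(self, tenant_id: str, name: str, default=None):
        return self._store.get(self._key(tenant_id, name), default)


class TenantRateLimiter:
    """Sliding-window limiter keyed by tenant: one tenant's burst consumes
    only that tenant's allowance, never another tenant's."""

    def __init__(self, limit: int = RATE_LIMIT, window: float = RATE_WINDOW):
        self.limit, self.window = limit, window
        self._hits = defaultdict(deque)   # tenant_id -> timestamps of recent requests

    def allow(self, tenant_id: str, now: float) -> bool:
        hits = self._hits[tenant_id]
        while hits and now - hits[0] >= self.window:   # drop hits outside the window
            hits.popleft()
        if len(hits) >= self.limit:
            return False
        hits.append(now)
        return True


if __name__ == "__main__":
    print(tenant_file_path("acme", "report.csv"))
    print(escapes_tenant_storage("acme", "../globex/secret.csv"))
    cache = TenantCache()
    cache.set("acme", "weekly_report", "acme data")
    print(cache.get("globex", "weekly_report"))
    limiter = TenantRateLimiter()
    print([limiter.allow("acme", t) for t in (0, 1, 2, 3)], limiter.allow("globex", 3))
```

The file-path check normalizes before comparing, which is the step that catches `..` segments; the cache never accepts a bare key, so a caller cannot forget the tenant prefix; the limiter keeps a separate window per tenant rather than a global counter.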
Testing tenant isolation
Multi-tenant bugs are subtle and dangerous. BetterFlow includes specific test patterns:
- Cross-tenant access tests: Create data as Tenant A, attempt to access as Tenant B, verify denial
- Query auditing: Log all database queries in test environments and verify tenant_id presence
- Tenant switching tests: Simulate user switching between tenants (for multi-company users) and verify proper isolation
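An added Python example, not BetterFlow's code, that puts the row-level enforcement described under "Row-level security enforcement" and the three test patterns above into one runnable module: the tenant is bound from the authenticated session into a context variable, a timesheets model appends tenant_id to every statement, a connection wrapper audits each statement for the tenant filter, and run_isolation_checks() performs the cross-tenant, tenant-switching and query-audit checks. The SQLite schema, the tenant names ("acme", "globex") and the WHERE-clause pattern are assumptions made for the example.

```python
import contextvars
import re
import sqlite3
from contextlib import contextmanager

# Assumed: the request layer sets this from the authenticated user's session.
current_tenant: contextvars.ContextVar = contextvars.ContextVar("current_tenant")

# Heuristic audit pattern (assumption): a read/update/delete must bind tenant_id in WHERE.
_WHERE_TENANT = re.compile(r"\bWHERE\b.*\btenant_id\s*=\s*\?", re.IGNORECASE | re.DOTALL)


class TenantScopeError(Exception):
    """Raised when a statement would run without tenant context."""


@contextmanager
def tenant_session(tenant_id: str):
    """Bind the session's tenant for the duration of one request."""
    token = current_tenant.set(tenant_id)
    try:
        yield
    finally:
        current_tenant.reset(token)


class AuditedConnection:
    """Wraps a DB connection; every statement is logged and must carry tenant scope."""

    def __init__(self, conn):
        self.conn = conn
        self.audit_log = []   # what a test environment would record and inspect

    def execute(self, sql: str, params=()):
        self.audit_log.append(sql)
        verb = sql.lstrip().split(None, 1)[0].upper()
        scoped = (_WHERE_TENANT.search(sql) is not None
                  if verb in ("SELECT", "UPDATE", "DELETE")
                  else "tenant_id" in sql)          # INSERT must write the column
        if not scoped:
            raise TenantScopeError(f"statement lacks tenant scope: {sql}")
        return self.conn.execute(sql, params)


class Timesheets:
    """Model whose every statement is scoped to the tenant in the current context."""

    def __init__(self, db: AuditedConnection):
        self.db = db

    @staticmethod
    def _tenant() -> str:
        try:
            return current_tenant.get()
        except LookupError:
            raise TenantScopeError("no tenant in context; is the user authenticated?")

    def create(self, employee: str, hours: float):
        self.db.execute("INSERT INTO timesheets (tenant_id, employee, hours) VALUES (?, ?, ?)",
                        (self._tenant(), employee, hours))

    def list_all(self):
        return self.db.execute("SELECT employee, hours FROM timesheets WHERE tenant_id = ?",
                               (self._tenant(),)).fetchall()

    def get_by_id(self, row_id: int):
        # Even a lookup by primary key carries the tenant filter, so a guessed id
        # belonging to another tenant returns nothing rather than their row.
        return self.db.execute(
            "SELECT employee, hours FROM timesheets WHERE id = ? AND tenant_id = ?",
            (row_id, self._tenant())).fetchone()


def setup_db() -> AuditedConnection:
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE timesheets (id INTEGER PRIMARY KEY, tenant_id TEXT NOT NULL, "
                 "employee TEXT, hours REAL)")
    return AuditedConnection(conn)


def run_isolation_checks() -> dict:
    """Cross-tenant access, tenant switching and query-audit checks on constructed data."""
    db = setup_db()
    sheets = Timesheets(db)
    with tenant_session("acme"):                 # create data as Tenant A
        sheets.create("alice", 40.0)
        acme_rows, acme_by_id = sheets.list_all(), sheets.get_by_id(1)
    with tenant_session("globex"):               # attempt access as Tenant B
        globex_rows, globex_by_id = sheets.list_all(), sheets.get_by_id(1)
        sheets.create("bob", 35.0)
    with tenant_session("acme"):                 # switch back: only acme data visible
        after_switch = sheets.list_all()
    try:                                         # an unscoped statement is refused
        db.execute("SELECT employee, hours FROM timesheets")
        unscoped_rejected = False
    except TenantScopeError:
        unscoped_rejected = True
    try:                                         # no session bound: refused before the DB is hit
        sheets.list_all()
        no_context_rejected = False
    except TenantScopeError:
        no_context_rejected = True
    return {"acme_rows": acme_rows, "acme_by_id": acme_by_id, "globex_rows": globex_rows,
            "globex_by_id": globex_by_id, "after_switch": after_switch,
            "unscoped_rejected": unscoped_rejected, "no_context_rejected": no_context_rejected,
            "queries_audited": len(db.audit_log)}


if __name__ == "__main__":
    print(run_isolation_checks())
```

The audit pattern is deliberately simple; it proves the filter is bound as a parameter, not that the surrounding predicate is sound, which is why the cross-tenant tests that actually read data as the other tenant remain the decisive check.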
Compliance requirements
Multi-tenant isolation is required for many compliance frameworks:
SOC 2: Requires logical separation of customer data
ISO 27001: Information security controls include data segregation
GDPR: Data controllers must ensure processing does not affect other controllers' data
When evaluating SaaS platforms, ask vendors how they implement tenant isolation and whether they have SOC 2 or similar certifications validating their controls.
What to ask SaaS vendors
When evaluating multi-tenant SaaS for sensitive data:
- Is data isolated at the database row level or through separate databases?
- How is tenant context propagated through the application?
- What testing validates tenant isolation?
- Have you had any tenant isolation breaches? How were they discovered and fixed?
- Can you provide documentation of your multi-tenant architecture for our security review?
Vendors who cannot answer these questions clearly may not have thought carefully about tenant isolation.
About BetterFlow
Built by BetterQA, a software testing company. BetterFlow's multi-tenant architecture ensures complete data isolation between companies while maintaining the cost efficiency of shared infrastructure.
Sources & References
- AWS - SaaS Tenant Isolation Strategies
- OWASP - Multi-Tenancy Security
- Microsoft - Multi-Tenant Application Patterns
Published by BetterQA, an ISO 27001 and ISO 9001 certified company with 8+ years of experience in software quality assurance. According to research by McKinsey, data-driven project management improves team productivity by up to 25%.
- Built by BetterQA, founded in 2018 in Cluj-Napoca, Romania
- ISO 27001 certified security and GDPR compliant
- Trusted by teams across 15+ countries
- 30-day free trial with no credit card required