Individual databases for customers

I love my family; my wife and I share almost everything. We have been known to end each other’s sentences and, when times were tight, to order a single meal in a restaurant and share it while others looked on in either derision or envy. There are, however, limits: red lines, things which we would never consider sharing, things which we culturally have been told to avoid.

Like sharing the same toothbrush. The idea gives me a shiver down my spine, mainly because hers is a rose pink electric, and mine a more manly black electric. The thought of seeing myself in the mirror first thing in the morning with the pink toothbrush in my mouth is a little discordant with my self-image. Of course, there is probably no medical reason why sharing a toothbrush with my own wife should be an issue. However, ask yourself this, and the answer will tell us a lot about the type of person you are: would you share a toothbrush with a total stranger? Would you share a toothbrush with a total stranger, knowing that the toothbrush had also been shared with an unknown number of other strangers?

In the world of SaaS products, we as businesses are asked to share many things: infrastructure, networks, servers, the same running services, service desks and Professional Services consultants. We understand that the service we use is also used by many other companies, and that gives us a really great product for a lot less than the cost of building it ourselves. There are, however, a few things that we should be very certain that we don’t share. Some things should be ours and ours alone, never to be shared and never to be seen by another business.
If you ask no other question of a potential SaaS vendor, ask the following one; it will tell us how seriously you consider the sanctity of your business’s key assets. The question is this: “Is my data, for my company, in an isolated database, or is it in a database shared by other clients?”

Many SaaS vendors, particularly those which I class as Enthusiastic Amateurs, use a multi-tenancy arrangement known as Logical Partitioning. This means they keep the data for every client in the same database and separate them logically by adding a customer identifier to every single record. The programmers then have to ensure that every call that is made to the database separates out the records, and only returns those that apply to the specific business. Ask yourself, “What could go wrong with this?”

The answer is that, in practice, many things can go wrong. Programming errors can easily create what is known as a data bleed: one business being able to see the records from another business, mainly through reporting tools and other self-service features. For a malicious actor, having access to one business means that you have access to every business, and you just have to work out ways around whatever programming style has been used to get access to anyone’s data.
It is also operationally impossible to tune the performance of a single business, or to recover the data of a single business, without impacting the entire population of customers. This significantly increases the risk to your business. Here is where sharing that toothbrush with an unknown number of strangers is potentially a health hazard.

The correct way to handle multi-tenancy is of course to give every customer their own isolated database. In this environment there is no possibility of a data bleed, and the operational issues are minimised to a single tenant. Unfortunately, the ability to handle fast schema switching and maintain the scalability of the application is beyond the technological skills of most of the smaller, more traditional vendors. So instead of giving you your own hygienically sealed and brand new toothbrush/database, they ask you to share the common one, and trust that nothing goes wrong.
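The two arrangements described above, side by side, as an added example that is not part of the original post or any vendor's code. It uses SQLite in memory; the table, tenant names and salary rows are constructed for illustration, and the function names are hypothetical.

```python
import sqlite3

# Constructed sample data: (tenant, employee, salary) for two unrelated customers.
ROWS = [("acme", "Alice", 5000), ("acme", "Bob", 4200), ("globex", "Carol", 9100)]

def shared_db():
    """Logical partitioning: one database, a customer identifier on every record."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE salaries (tenant_id TEXT, employee TEXT, amount INTEGER)")
    db.executemany("INSERT INTO salaries VALUES (?, ?, ?)", ROWS)
    return db

def report_buggy(db, tenant_id, min_amount):
    # Programming error: the tenant predicate was left out of one report query,
    # so rows belonging to every customer are returned (the data bleed).
    q = "SELECT employee FROM salaries WHERE amount >= ? ORDER BY employee"
    return [r[0] for r in db.execute(q, (min_amount,))]

def report_filtered(db, tenant_id, min_amount):
    # Correct, but only as long as every query in the code base repeats this filter.
    q = ("SELECT employee FROM salaries "
         "WHERE tenant_id = ? AND amount >= ? ORDER BY employee")
    return [r[0] for r in db.execute(q, (tenant_id, min_amount))]

def isolated_dbs():
    """Database per customer: each connection holds one tenant's rows only."""
    dbs = {}
    for tenant, employee, amount in ROWS:
        if tenant not in dbs:
            dbs[tenant] = sqlite3.connect(":memory:")
            dbs[tenant].execute("CREATE TABLE salaries (employee TEXT, amount INTEGER)")
        dbs[tenant].execute("INSERT INTO salaries VALUES (?, ?)", (employee, amount))
    return dbs

def report_isolated(dbs, tenant_id, min_amount):
    # The same query text as report_buggy, with no tenant filter at all. The
    # connection selected for the tenant bounds what the query can reach.
    q = "SELECT employee FROM salaries WHERE amount >= ? ORDER BY employee"
    return [r[0] for r in dbs[tenant_id].execute(q, (min_amount,))]

if __name__ == "__main__":
    print("shared, filter forgotten:", report_buggy(shared_db(), "acme", 4000))
    print("shared, filter present:  ", report_filtered(shared_db(), "acme", 4000))
    print("isolated, no filter:     ", report_isolated(isolated_dbs(), "acme", 4000))
```

In the isolated layout the per-query filter is replaced by a single decision, which connection a request is given, so that lookup is the one place to review and test.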

Ask your vendors THE question, and put your mind at rest.

By Peter Williams, CTO, EmiratesHR
