Skip to main content
Multi-tenant architecture: What does it mean?

Security

S
Written by Support legal-i
Updated over 5 months ago

Based on our cloud infrastructure, we have built and operate a multi-tenant microservice architecture as well as a shared platform to support our products. In a multi-tenant architecture, a single service serves multiple customers, including databases and computing instances required for running legal-i. Each service contains the data for multiple tenants, but the data of each tenant is isolated and inaccessible to other tenants.

mceclip0.png

Our microservices are built according to the principle of least privilege and are designed to minimize the scope of zero-day attacks and reduce the likelihood of lateral movements within our cloud environment. Each microservice has its own data store, which can only be accessed with the authentication protocol specific to that service, meaning that no other service has read or write access to this API. We have focused on isolating microservices and data rather than providing dedicated infrastructure per tenant, as this restricts access to the narrow data scope of a single system for many customers. Since the logic is decoupled and data authentication and authorization occur at the application level, this serves as an additional security check when requests are sent to these services. Therefore, if a microservice is compromised, it only results in limited access to the data required by that particular service.

Did this answer your question?