Network Computing is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them. Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Multitenant Architectures Must Balance Security, Availability

Cloud computing is obviously here to stay, so enterprises need to balance security and availability when using private, public or hybrid cloud services that leverage multitenant architectures.

Forrester Research defines multitenant architectures as "IT architectures that let multiple customers (tenants) share the same applications and/or compute resources with security, reliability and consistent performance."

In its recent research report, "Understanding Cloud's Multitenacy," the analyst firm concludes that multitenant architectures are not necessarily a less secure model. However, organizations need to understand the type used by any service they consume, as well as their own security responsibilities.

True cloud services all use a form of multitenant architecture, where multiple "tenants" share the same applications and/or compute resources. Multitenant architectures are what enable cloud services to achieve high-cost efficiencies and deliver low costs to customers.

It's important to note that customers in a multitenant environment may or may not be from different companies--it's more about the data: The type of data and where it lives defines a tenant, as well as who owns it. For example, in some companies, the data of one business unit is owned by that business unit and not the parent company, which may have several lines of business, each with its own customer data. Therefore, even within a private cloud environment owned by a corporate enterprise, there could be multiple lines of business owning data that must be kept separate.

This is a common reality for large financial institutions, notes Lee Doyle, group VP, networking and security at IDC. Many financial institutions have different divisions for different types of customers. By law, the customer data from each business unit must be kept separate. At the same time, however, these companies are looking for efficiencies from IT and consolidating data centers.

Doyle says software-defined networking (SDN) could aid in managing these architectures, as enterprises can leverage programmable networks to better tackle virtualized environments and separate customer data appropriately.

Next: Addressing Security Concerns in Multitenant Architectures

  • 1