Multi-tenant architecture is a software design in which many customers use the same application, database, or cloud infrastructure while their data and sessions remain logically separated. It is common in SaaS platforms because it improves scalability, lowers operating cost, and simplifies updates: one patch or feature release can serve every tenant at once.
From a cyber security perspective, the main risk is boundary failure. If tenant isolation is weak, an attacker who compromises one account may read another customer’s data, alter shared settings, or exploit a flaw in authorization logic to move across tenants. Defenses include strict access controls, tenant-aware identity checks, encryption, segmentation of data stores, secure coding around object references and APIs, and continuous testing for cross-tenant leakage. In practice, security reviews often focus on whether the platform truly separates tenants, not just whether it shares the same servers.