Hosting Tenant Workloads and Data in the Cloud
An Exploratory Guide
The cloud offers various configurations for hosting tenant workloads and data to meet diverse security, performance, compliance, and scalability needs. Let's dive deep into the three primary options provided by the Truuth platform:
Multi-Tenant
This method involves placing both tenant workloads and data on a highly scalable AWS infrastructure.
Traditional Concerns: In conventional architectures, using shared infrastructure often led to two main challenges:
- Resource Racing: Multiple tenants might compete for limited infrastructure resources.
- Noisy Neighbour Issues: Activities of one tenant might inadvertently impact another.
Modern Solution with Truuth: With the advent of serverless architecture in the Truuth platform, these concerns are mitigated.
- Scalability: The resource utilization scales seamlessly, constrained only by the capacity of the AWS datacenter.
- Performance & Availability: Sharing infrastructure no longer negatively affects the performance or uptime of tenant services.
Security Considerations: Truuth places security at the forefront:
- Security by Design: A foundational approach ensures robust security.
- Truuth Zero Trust Framework: Provides extensive security controls and follows the best security practices. This includes the principle of least privilege, ensuring both users and microservices have minimal access rights.
Data Storage: Although data is stored on the shared platform, Truuth ensures that:
- Each tenant possesses an individual database.
- There's absolute data segregation between tenants.
- Separate data retention policies are in place for each tenant.
Hybrid Tenancy
Here, while the workload runs on the shared infrastructure, tenant-specific data is stored exclusively on dedicated infrastructure.
Custom Configuration for Compliance: Truuth understands that certain organizations have stringent compliance, security, and risk mandates that require data to be stored on dedicated infrastructure.
- To cater to this need, Truuth can create a bespoke setup allowing tenants to house data in their own infrastructure, while still benefiting from the shared environment for workloads.
Single-Tenant
This configuration is entirely dedicated. Both the tenant workloads and their data are hosted on an AWS account curated and overseen by the tenant's organization.
Potential Drawbacks: Truuth generally doesn't recommend this approach due to:
- Operational Costs: Maintaining a dedicated setup can be expensive.
- Complexities: Managing a personal infrastructure can introduce challenges and complications.
However, for organizations that mandate such a setup, Truuth still offers this as a viable option.
In conclusion, the choice between shared and dedicated infrastructure, or a mix of both, hinges on an organization's specific requirements. Truuth ensures flexibility, security, and scalability regardless of the selected model.
Updated about 1 year ago