Ensure Data Segregation for Data Sharing - Multi-tenant System
As a service provider, I need to ensure that our customers can NEVER see another customer's data or even meta-data (that they exist) SO THAT customers can't see any information about their competitors and who we work with.
As a industrial operating company that shares data with partners and service providers, I need to ensure that our data is only accessible to those that we share with SO THAT we can ensure our data and company's intellectual property (IP) is safe and secure.
Using different namespaces for different customers would provide the best isolation mechanism within a single account. It does limit the possibilities of analyzing data across multiple customers though.
Bryan Owen commented
Absolute assurances are rare in cyber security. This item could benefit from discussion of how much difficulty satisfies 'can NEVER'. For example, defining a finite number of safeguards used to segregate data.