Multitenancy security architecture and implementation best practices
Pega Platform™ implements a comprehensive security framework designed for multitenant architectures, using multiple layers of protection to ensure tenant isolation and data security. The security architecture includes five distinct domains, each operating at a different system layer to provide comprehensive protection:
- Network security forms the foundational layer. It uses Transport Layer Security (TLS) protocols to encrypt data that is in transit and applies load balancer filtering to restrict unauthorized access. These controls help ensure that network communications maintain confidentiality and integrity through industry-standard encryption protocols.
- Application security provides tenant-specific access controls through unique tenant URLs and authentication mechanisms. Each tenant receives distinct login URLs, SOAP URLs, and REST URLs with unique IsolationHash identifiers that represent the tenant's identity during data processing, data saving, and data display operations.
- Authorization controls implement multiple access control models, including role-based access control (RBAC), attribute-based access control (ABAC), and basic access control (BAC). These systems help ensure that users access only the resources and actions appropriate to their roles and attributes within their tenant boundary.
- Data security maintains tenant isolation through the tenant-safe database component, AES-256 encryption for data at rest, and field-level encryption for sensitive information. The enhanced database schema isolates tenant-specific information at the data access layer to ensure complete data segregation while maintaining operational efficiency.
- The compliance framework addresses regulatory requirements such as the General Data Protection Regulation (GDPR), Health Insurance Portability and Accountability Act (HIPAA), and System and Organization Controls (SOC) controls by using specialized security policies and audit features. It provides tools for data privacy management, audit trail generation, and compliance reporting to meet industry standards.
Security implementation patterns
To ensure robust protection in multitenant environments, Pega Platform employs a layered security approach that combines isolation, access control, and encryption. These key implementation patterns help safeguard tenant data and enforce secure operations across shared infrastructure.
Tenant isolation mechanisms prevent access to another tenant’s data or resources. Architectural controls at the database level store tenant-specific content in a tenant-safe database component that is visible only to authorized users within that tenant boundary.
Access control patterns provide granular security through multiple authorization models. RBAC organizes users into roles with specific permissions. ABAC enables dynamic access decisions based on user attributes, environmental conditions, and resource characteristics. These patterns work together to create flexible and secure access control frameworks.
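As an added illustration (not Pega code), the ordering the two paragraphs above describe: a data-access layer partitioned per tenant, with RBAC and ABAC evaluated only inside the caller's tenant boundary. The Record, User, ROLE_PERMISSIONS and CLEARANCE definitions are hypothetical stand-ins for the tenant-safe database component, Access Roles and attribute policies, and the sample records are constructed.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Record:
    tenant: str          # stand-in for the tenant identity that IsolationHash conveys
    record_id: str
    classification: str  # resource attribute consulted by the ABAC check
    body: str

@dataclass(frozen=True)
class User:
    tenant: str
    roles: frozenset
    clearance: str       # subject attribute consulted by the ABAC check

ROLE_PERMISSIONS = {"Manager": {"read", "update"}, "Auditor": {"read"}}  # hypothetical RBAC policy
CLEARANCE = {"public": 0, "internal": 1, "restricted": 2}  # hypothetical ABAC ordering

def authorize(user, action, record):
    """Return (allowed, reason); the tenant boundary is checked before role or attributes."""
    if record.tenant != user.tenant:
        return False, "cross-tenant access denied"
    if not any(action in ROLE_PERMISSIONS.get(r, set()) for r in user.roles):
        return False, "role does not permit action"
    if CLEARANCE[user.clearance] < CLEARANCE[record.classification]:
        return False, "attribute check failed"
    return True, "allowed"

class TenantSafeStore:
    """One partition per tenant; a lookup never leaves the caller's partition."""
    def __init__(self, records):
        self._by_tenant = {}
        for r in records:
            self._by_tenant.setdefault(r.tenant, {})[r.record_id] = r
    def fetch(self, user, action, record_id):
        rec = self._by_tenant.get(user.tenant, {}).get(record_id)
        if rec is None:  # another tenant's record is never even loaded
            return None, "not found in tenant"
        ok, why = authorize(user, action, rec)
        return (rec if ok else None), why

# Constructed sample data: both tenants reuse the id "r1" for different records.
SAMPLE_RECORDS = [
    Record("tenantA", "r1", "restricted", "A's contract"),
    Record("tenantA", "r2", "internal", "A's memo"),
    Record("tenantB", "r1", "public", "B's brochure"),
]
STORE = TenantSafeStore(SAMPLE_RECORDS)
MANAGER_A = User("tenantA", frozenset({"Manager"}), "restricted")
AUDITOR_A = User("tenantA", frozenset({"Auditor"}), "internal")
```

Because the store is partitioned before any role is consulted, a Manager in tenant A resolving "r1" gets tenant A's record and can never reach tenant B's record of the same id.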
Encryption strategies protect data at rest and in transit. Pega Cloud® environments use 256-bit AES encryption for all client data stored in volumes, databases, and S3 buckets, with key management provided by Amazon KMS. Data in transit is protected by TLS across all network connections.
Implementation best practices
Designing secure and scalable multitenant applications requires thoughtful planning across architecture, performance, and compliance. Lead System Architects should apply the following best practices to isolate tenants, optimize resource usage, and maintain regulatory alignment throughout the application lifecycle.
Architecture planning
Lead System Architects define tenant boundaries during the initial design phase to support secure and scalable multitenant applications. Plan Access Groups, Access Roles, and security policies that enforce tenant isolation and enable operational flexibility.
Tenant boundary design requires analyzing data flows, user interactions, and integration requirements to ensure complete isolation between tenants. The design must also account for current requirements and future scalability.
Security policy configuration involves implementing RBAC and ABAC policies, establishing authentication and authorization workflows, and ensuring that access controls are manageable and auditable across tenant environments.
Performance optimization
Efficient resource usage is essential in multitenant environments. Use the following strategies to optimize performance while maintaining tenant separation and responsiveness across shared infrastructure:
Resource sharing strategies balance the benefits of shared infrastructure against tenant isolation. For example, optimize database queries for tenant-safe operations, implement caching strategies that respect tenant boundaries, and design workflows that use shared resources efficiently.
Scalability planning addresses horizontal and vertical scaling in multitenant environments. Planning must consider tenant growth patterns, resource use trends, and performance requirements to support future expansion.
Compliance management
Meeting regulatory requirements starts with proactive design choices. The following practices help you implement controls that support data privacy, auditability, and ongoing compliance throughout the application lifecycle:
Regulatory alignment ensures that the architecture meets compliance requirements such as data residency, privacy protection, and audit trail generation. Alignment involves implementing data governance policies and monitoring procedures for ongoing compliance.
Audit and monitoring capabilities provide visibility into system operations, security events, and compliance status. The monitoring framework must include real-time alerting, detailed logging, and reporting to support operational management and regulatory compliance.