In IT, this is a software architecture that is being delivered to many different clients, but in such a way that the systems are completely isolated from one another.
Nothing is shared with each other, neither network ranges nor address spaces in volatile memory, nor databases, message queues, FTP servers, hard disk storage, log files, certificates, binaries… nor anything else.
The distribution of a new software release from Gridware is therefore carried out separately for each client. Of course this does not happen manually: the deployment and the roll-out process of the entire infra-structure is fully automated.
Similarly, we set up new clients at the push of a button, after a few configuration files have been adjusted and images, colors, etc. have been stored. Various test and pre-production systems therefore behave 99% the same, ensuring quality.
Which brings us to the last point: self-protection! A bug in the software must never lead to a data leak, causing for example one tenant seeing the data of another. This is surprisingly common: it happens regularly in sensitive software, even in banking tools! Even if not directly harmful – it is extremely embarrassing and would indirectly damage your business. Of course, you cannot ask a bank to create its own software instance for each account holder. But in the B2B context, which is where we are, that is the most pragmatic answer.
The situation is different in the relationship between clients and sub-clients. Since user management together and infrastructure are shared in this case, the business processes and thus the data are ultimately so closely related that they are left in one system because the data has to be referenced to one another. This also applies to sub-sub-clients and so on.
Finally, this software architecture also enables integration within the IT landscape of our customers using E2E encryption.
This post is also available in: Deutsch (German)