Protecting user data in multi-tenant SaaS


What is your take on the ownership of members' data in a multi-tenant SaaS (Software as a Service)? I am designing a reservation-type SaaS for the use of mainly two groups of people - the consumers and operators.

The operators manage their reservations (for the consumers) via the SaaS. The operators can sign up customers (walk-in customers) into the system.
The consumers can a) sign up on their own and link themselves to the operators of choice (hence one-time sign-up) OR b) be signed up by an operator. Either way, the consumer now has a universal account in the ecosystem and can engage the service of any operators they like.

The question is what level of ownership the operators can lay claim to on the consumer data?


asked Oct 20 '11 at 13:02
Lc Yoong
I am making some guesses here based on the limited information provided...

The operators should only be able to view/report on data related to their business. Even if an operator has signed up a consumer, they should only see data of that consumer related to their operation.

If the consumer links in with other operators, this shouldn't be available to the original operator.

Without this, you won't have the trust of your consumers.

I try to make these decisions based on what is intuitive, and what you would expect... in this case, from the consumer's point of view. If you can't put yourself in their shoes... then ask them.

answered Oct 20 '11 at 13:15
Joel Friedlaender
  • Thanks for your insight, Joel. I somewhat share the view. Here is my take on the data policy: If the customer signs up the consumer, they can even export the customer data out of the system (among other data pertaining to their account) but can't claim exclusivity on the consumer data. Other operators can engage the customer just as much if the consumer has chosen the other operators. But would this policy cause either the operators or consumers to shun the system? – Lc Yoong 11 years ago
  • I don't know anything about your system, but if the value the system has is to get that data... then maybe. If your system is adding value in other ways (i.e. managing reservations) and getting the data is just a bonus, then I can't imagine it would be a deciding factor. – Joel Friedlaender 11 years ago
  • Obviously the consumer data is important and valuable. But I am treading carefully so that the operators (from where the revenue will be generated) will not feel their customer data is being held up. Should the operator choose to end the contract, we will allow the operator to export out consumer data that they have signed up directly. – Lc Yoong 11 years ago
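
The scoping discussed in this thread (an operator sees only data tied to its own operation, and an exit export covers only consumers it signed up directly) can be enforced in the data layer. The sketch below is an added example, not code from any poster; the schema, table and column names, and sample rows are all constructed assumptions.

```python
import sqlite3

# Constructed schema: one universal consumer account, many operator links.
SCHEMA = """
CREATE TABLE consumer (id INTEGER PRIMARY KEY, name TEXT, signed_up_by INTEGER);
CREATE TABLE link (consumer_id INTEGER, operator_id INTEGER,
                   PRIMARY KEY (consumer_id, operator_id));
CREATE TABLE reservation (id INTEGER PRIMARY KEY, consumer_id INTEGER,
                          operator_id INTEGER, slot TEXT);
"""

def build_db():
    db = sqlite3.connect(":memory:")
    db.executescript(SCHEMA)
    # signed_up_by is NULL when the consumer registered on their own.
    db.executemany("INSERT INTO consumer VALUES (?,?,?)",
                   [(1, "alice", 10), (2, "bob", None), (3, "carol", 20)])
    db.executemany("INSERT INTO link VALUES (?,?)",
                   [(1, 10), (1, 20), (2, 10), (3, 20)])
    db.executemany("INSERT INTO reservation VALUES (?,?,?,?)",
                   [(100, 1, 10, "mon-09"), (101, 1, 20, "tue-14"),
                    (102, 2, 10, "wed-11"), (103, 3, 20, "thu-16")])
    return db

# operator_id must come from the authenticated session, never from request input.
def reservations_for(db, operator_id):
    """Reservations an operator may see: only those made with that operator."""
    return db.execute(
        "SELECT r.id, c.name, r.slot FROM reservation r "
        "JOIN consumer c ON c.id = r.consumer_id "
        "WHERE r.operator_id = ? ORDER BY r.id", (operator_id,)).fetchall()

def consumers_for(db, operator_id):
    """Consumers an operator may see: only those linked to it."""
    return db.execute(
        "SELECT c.id, c.name FROM consumer c "
        "JOIN link l ON l.consumer_id = c.id "
        "WHERE l.operator_id = ? ORDER BY c.id", (operator_id,)).fetchall()

def export_on_exit(db, operator_id):
    """Exit export: consumers this operator signed up directly, with only
    the reservations those consumers made with this operator."""
    return db.execute(
        "SELECT c.name, r.slot FROM consumer c "
        "LEFT JOIN reservation r "
        "  ON r.consumer_id = c.id AND r.operator_id = ? "
        "WHERE c.signed_up_by = ? ORDER BY c.id, r.id",
        (operator_id, operator_id)).fetchall()
```

Alice is linked to both operators, yet each operator's queries return only her reservation with that operator, and only the operator that signed her up can export her record.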

