Client data can be hosted using either a single or multi-tenant model.

With the single tenant hosting option, only the given client’s data is hosted within a client’s AWS hosting infrastructure which can be either:

  1. Owned by the client and managed by FINBOURNE
  2. Owned and managed by FINBOURNE

Access to client data by FINBOURNE personnel in either single or multi-tenant options is governed by the FINBOURNE Role Access Policy which operates on the principal of least privileged access. This policy also mandates that by default there is no standing access to production client data for FINBOURNE personnel, and that any break-glass access is approved by the nominated control role and audited appropriately. 

In the case of multi-tenant hosting, data is partitioned using a client identifier to ensure there is no cross contamination of client data. The client identifier is set at a client organisation level for all users and the client has no ability to change or submit alternate identifiers as part of any request. Only authorised users at FINBOURNE (in accordance with the FINBOURNE Role Access Policy) have the ability to change client identifiers. All significant changes that have a potential impact on this are reviewed in accordance to FINBOURNE Application Security Policy and FINBOURNE SDLC.