We give each of our clients the option of hosting their data using either a single or a multi-tenant model.
With the single tenant model, only that client’s data is stored within the AWS hosting infrastructure. Note this AWS infrastructure can either be:
- Owned by the client and managed by FINBOURNE
- Owned and managed by FINBOURNE
Access to client data by FINBOURNE personnel in either single or multi-tenant models is governed by the FINBOURNE Role Access Policy, which operates on the principal of least privileged access. This policy also mandates that by default there is no standing access to production client data for FINBOURNE personnel, and that any break-glass access needs to be approved by the nominated control role and audited appropriately.
In the case of the multi-tenant model, data is partitioned using a client identifier to ensure there is no cross contamination of client data. The client identifier is set at a client organisation level for all users and the client has no ability to change or submit alternate identifiers as part of any request. Only authorised users at FINBOURNE (in accordance with the FINBOURNE Role Access Policy) have the ability to change client identifiers. All significant changes that may impact this are reviewed in accordance with the FINBOURNE Application Security Policy and FINBOURNE SDLC.