
Data Isolation

Ensure secure data separation between tenants

Row-Level Security

Financbase uses row-level security (RLS) to ensure that each tenant can only access their own data. Every database query automatically filters by tenant ID.

    -- All queries automatically include the tenant filter
    SELECT *
    FROM transactions
    WHERE tenant_id = current_tenant_id()
      AND user_id = $1;

Benefits:

  • Automatic tenant filtering on all queries
  • Prevents accidental data leakage
  • No code changes needed - enforced at database level
  • Works with all ORMs and query builders
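Row-level security only filters correctly if the database session actually carries the current tenant. The following is an added example (not Financbase's own code) of how an application binds the tenant id to a transaction so that a Postgres policy of the form `USING (tenant_id = current_setting('app.tenant_id', true)::uuid)` can enforce it; the policy DDL in the comments, the `app.tenant_id` setting name and the pg-style `client.query(text, params)` interface are assumptions. A small recording client is constructed inline so the helper runs offline.

```javascript
// Added example (not Financbase's code): binding the tenant context to a
// database transaction so that a Postgres RLS policy can filter by it.
// Assumed policy, shown for reference only:
//   ALTER TABLE transactions ENABLE ROW LEVEL SECURITY;
//   ALTER TABLE transactions FORCE ROW LEVEL SECURITY;   -- also applies to the table owner
//   CREATE POLICY tenant_isolation ON transactions
//     USING (tenant_id = current_setting('app.tenant_id', true)::uuid);

const UUID_RE = /^[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}$/i;

// Run `work(client)` inside a transaction whose app.tenant_id setting is
// visible only to that transaction. The third argument of set_config makes the
// value transaction-local, so a pooled connection cannot carry one tenant's id
// into the next request it serves.
async function withTenant(client, tenantId, work) {
  if (typeof tenantId !== 'string' || !UUID_RE.test(tenantId)) {
    throw new Error('tenant context missing or malformed');
  }
  await client.query('BEGIN');
  try {
    // SET LOCAL cannot take a bind parameter; set_config can, so the tenant id
    // is passed as $1 and never interpolated into SQL text.
    await client.query("SELECT set_config('app.tenant_id', $1, true)", [tenantId]);
    const result = await work(client);
    await client.query('COMMIT');
    return result;
  } catch (err) {
    await client.query('ROLLBACK');
    throw err;
  }
}

// Constructed stand-in for a real pg client: records every statement so the
// helper can be exercised offline and the emitted order inspected.
class RecordingClient {
  constructor() { this.log = []; }
  async query(text, params = []) {
    this.log.push({ text, params });
    return { rows: [] };
  }
}

// Returns the statement texts emitted for one tenant-scoped query.
async function demo() {
  const client = new RecordingClient();
  const tenant = '11111111-2222-4333-8444-555555555555'; // constructed tenant id
  await withTenant(client, tenant, (c) =>
    c.query('SELECT * FROM transactions WHERE user_id = $1', ['user-42']));
  return client.log.map((e) => e.text);
}
```

Note the `FORCE ROW LEVEL SECURITY` line in the assumed DDL: without it, the role that owns the table bypasses every policy, which is a common reason an RLS "safety net" silently does nothing in an application that connects as the owner.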

API-Level Validation

All API requests validate the tenant context before processing. The tenant ID is extracted from the authentication token or request headers.

    // Middleware validates tenant context
    // extractTenantId and isValidTenant are application helpers: the first reads
    // the tenant from the verified token or request headers, the second checks
    // that the tenant exists and is active.
    app.use((req, res, next) => {
      const tenantId = extractTenantId(req);
      if (!tenantId || !isValidTenant(tenantId)) {
        return res.status(403).json({ error: 'Invalid tenant' });
      }
      req.tenantId = tenantId;
      next();
    });
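The middleware above leaves `extractTenantId` unspecified, and the choice between "token" and "header" is where tenant confusion usually starts: a header is client-controlled, a verified token claim is not. The following added example (not Financbase's code) resolves the tenant from the verified claims and treats a disagreeing header as a reason to reject rather than as a tenant switch. The claim name `tenant_id`, the header name `x-tenant-id`, and the `req.auth` property holding decoded claims are assumptions; the fake response object is constructed so the middleware can be run offline.

```javascript
// Added example (not Financbase's code): deriving the tenant from verified
// token claims and checking any client-supplied tenant header against it.
// Assumes an earlier middleware has verified the token signature and placed
// the decoded claims on req.auth (assumed property and claim/header names).

const TENANT_CLAIM = 'tenant_id';     // assumed JWT claim name
const TENANT_HEADER = 'x-tenant-id';  // assumed request header name (lowercased as Express does)
const UUID_RE = /^[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}$/i;

// Returns the tenant id for this request, or null when it must be rejected.
// The verified claim is the source of truth. A header may only restate it;
// a header that disagrees is treated as tampering, and a header alone (with no
// claim) is never enough to establish tenant context.
function resolveTenantId(claims, headers) {
  const fromClaim = claims && claims[TENANT_CLAIM];
  if (typeof fromClaim !== 'string' || !UUID_RE.test(fromClaim)) return null;
  const fromHeader = headers && headers[TENANT_HEADER];
  if (fromHeader !== undefined && fromHeader !== fromClaim) return null;
  return fromClaim;
}

// Express-style middleware factory. isValidTenant is injected (e.g. "tenant
// exists and is not suspended") so the middleware stays testable in isolation.
function tenantContext({ isValidTenant }) {
  return (req, res, next) => {
    const tenantId = resolveTenantId(req.auth, req.headers);
    if (!tenantId || !isValidTenant(tenantId)) {
      return res.status(403).json({ error: 'Invalid tenant' });
    }
    req.tenantId = tenantId;
    return next();
  };
}

// Constructed minimal response object for exercising the middleware offline.
function fakeRes() {
  const res = { statusCode: 200, body: null };
  res.status = (code) => { res.statusCode = code; return res; };
  res.json = (body) => { res.body = body; return res; };
  return res;
}

// Runs the middleware once and reports what it decided.
function runMiddleware(req, activeTenants) {
  const mw = tenantContext({ isValidTenant: (id) => activeTenants.has(id) });
  const res = fakeRes();
  let nextCalled = false;
  mw(req, res, () => { nextCalled = true; });
  return { nextCalled, status: res.statusCode, tenantId: req.tenantId };
}
```

The same rule applies to any other client-supplied tenant indicator (query string, path segment, cookie): it may be used to detect an inconsistency and reject, never to select the tenant on its own.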

Data Encryption

Sensitive tenant data is encrypted using tenant-specific encryption keys, ensuring that even if data is accessed, it cannot be decrypted without the tenant's key.

Encryption Strategy:

  • Tenant-specific encryption keys
  • AES-256 encryption for sensitive fields
  • Key rotation policies per tenant
  • Encrypted backups with separate keys

Common Pitfalls to Avoid

These common mistakes can lead to data leakage between tenants:

❌ Forgetting Tenant Context

Always include tenant_id in queries. Never query without tenant filtering.

❌ Sharing Resources Between Tenants

File storage, caches, and other resources must be tenant-scoped.

❌ Exposing Tenant IDs in URLs

Use session-based tenant identification instead of URL parameters when possible.

Best Practices

Follow these practices to ensure proper data isolation:

  • Always validate tenant context at the API layer
  • Use database-level RLS policies as a safety net
  • Test cross-tenant access attempts regularly
  • Include tenant context in audit logs
  • Use separate encryption keys per tenant
  • Implement tenant-specific rate limiting
  • Run regular security audits for isolation vulnerabilities
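Two items from the lists above, tenant-scoping of caches and storage ("Sharing Resources Between Tenants") and regularly testing cross-tenant access, are shown together in this added example (not Financbase's code). Keys for a cache or object store are built with the tenant id as the leading segment and every caller-supplied segment validated, so a name such as `..` or one containing `/` cannot re-root the key into another tenant's namespace; a probe function then exercises exactly those attempts against the wrapper and reports any leak. The `tenant/<id>/...` layout and the in-memory store are assumptions.

```javascript
// Added example (not Financbase's code): tenant-scoped keys for caches and
// object storage, plus a self-check that probes for cross-tenant access.
// The 'tenant/<id>/...' key layout and the Map-backed store are assumptions.

const UUID_RE = /^[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}$/i;
const SAFE_SEGMENT = /^[A-Za-z0-9._-]+$/; // no '/', no whitespace, no control characters

function assertTenant(tenantId) {
  if (typeof tenantId !== 'string' || !UUID_RE.test(tenantId)) {
    throw new Error('tenant context missing or malformed');
  }
}

// Build a key that cannot collide across tenants: the tenant id is always the
// first segment, and each caller-supplied segment is validated so that '.',
// '..' or a segment containing '/' is rejected rather than joined.
function scopedKey(tenantId, ...parts) {
  assertTenant(tenantId);
  if (parts.length === 0) throw new Error('key needs at least one segment');
  for (const p of parts) {
    if (typeof p !== 'string' || !SAFE_SEGMENT.test(p) || p === '.' || p === '..') {
      throw new Error(`unsafe key segment: ${JSON.stringify(p)}`);
    }
  }
  return ['tenant', tenantId, ...parts].join('/');
}

// Cache wrapper whose API takes the tenant id on every call: there is no way
// to read or write an entry without naming the tenant it belongs to.
class TenantCache {
  constructor() { this.store = new Map(); }
  set(tenantId, name, value) { this.store.set(scopedKey(tenantId, name), value); }
  get(tenantId, name) { return this.store.get(scopedKey(tenantId, name)); }
}

// Cross-tenant probe for the "test cross-tenant access attempts regularly"
// practice: writes as tenant A, then tries to read the value as tenant B using
// the plain name and a few malformed names. Returns a list of leaks; an empty
// list means isolation held. A thrown error on a malformed name is the
// expected, safe outcome and is not counted as a leak.
function crossTenantProbe(cache, tenantA, tenantB) {
  const leaks = [];
  cache.set(tenantA, 'balance', 100);
  if (cache.get(tenantB, 'balance') !== undefined) leaks.push('same name, other tenant');
  const attempts = ['..', `../${tenantA}/balance`, `/tenant/${tenantA}/balance`, `tenant/${tenantA}/balance`];
  for (const name of attempts) {
    try {
      if (cache.get(tenantB, name) !== undefined) leaks.push(`malformed name: ${name}`);
    } catch (e) {
      // segment rejected by scopedKey: no leak
    }
  }
  return leaks;
}
```

The probe is intentionally small; the point is that it runs in the regular test suite against every tenant-facing accessor (cache, object storage, search index), so a later refactor that drops the tenant prefix fails a test instead of shipping.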