Stormpath customers are experiencing first hand the repercussions of using a multi-tenant cloud hosted API. The company was acquired and users have to get data out, fast. By 8/17/2017 to be exact.
A recent article by ProgrammableWeb discusses the dangers of using third-party APIs, however they fail to mention ways to avoid this danger. The answer is not to stop using cloud APIs, nor is it to only select API’s from tech giants like Amazon, Google or Microsoft. Before choosing your identity and user management provider consider the deployment options.
Despite increasing cloud popularity, many companies still prefer (or require) an on-premise solutions.
Certain organizations face regulatory requirements that demand an on-premise solution. Regulatory controls and legal requirements vary depending on the industry, but many companies fall into this category. A third-party cloud vendor may not fit the compliance requirements for a particular organization within the finance or pharmaceutical sector.
An on-premise solution can insulate you from issues Stormpath customers are now faced with. By installing the software on your servers (real or cloud-based) you gain control over:
- User data
If the company shuts down or is acquired, you can likely continue using software since it is running on your servers. If this is not the case, the user data is yours and can easily be removed at your discretion.
How do you protect your data? How do you ensure that you are the only one seeing your user data?
Multi-Tenant vs. Single-Tenant
Multi-tenant is an architecture where multiple companies store their data within the same instance. With single-tenant, each company has their own individual instance. With a single-tenant solution you receive maximum privacy. The risk of another business accidentally receiving data that doesn’t belong to them is eliminated. Each customer’s user data is separate and secure.
When considering cloud solutions, it is always important to prepare for the worst-case scenario. You should think about how you will get your data out of the cloud, before you ever put it in there. In the event of an API shutdown, data recovery is much easier when each customer’s data is isolated in a single-tenant cloud.
Flexible Hosting (with a pitch)
Passport offers on-premise or single tenant cloud hosting. With these options, you have the ability to choose which deployment best meets your business or application needs. In addition, you have the flexibility to change your mind down the road.