* [Blog](https://origin-researchcenter.paloaltonetworks.com/blog)
* [Cloud Security](https://origin-researchcenter.paloaltonetworks.com/blog/cloud-security/)
* [Cloud Native Application Platform](https://origin-researchcenter.paloaltonetworks.com/blog/cloud-security/category/cloud-native-application-platform/)
* 4 Reasons to Implement Mu...

# 4 Reasons to Implement Multitenancy in Your Cloud Security Strategy

[](https://www.facebook.com/sharer/sharer.php?u=https%3A%2F%2Forigin-researchcenter.paloaltonetworks.com%2Fblog%2Fcloud-security%2Fmssp-security-console-data-isolation%2F)  
[](https://twitter.com/share?text=4+Reasons+to+Implement+Multitenancy+in+Your+Cloud+Security+Strategy&url=https%3A%2F%2Forigin-researchcenter.paloaltonetworks.com%2Fblog%2Fcloud-security%2Fmssp-security-console-data-isolation%2F)  
[](https://www.linkedin.com/shareArticle?mini=true&url=https%3A%2F%2Forigin-researchcenter.paloaltonetworks.com%2Fblog%2Fcloud-security%2Fmssp-security-console-data-isolation%2F&title=4+Reasons+to+Implement+Multitenancy+in+Your+Cloud+Security+Strategy&summary=&source=)  
[](https://www.paloaltonetworks.com//www.reddit.com/submit?url=https://origin-researchcenter.paloaltonetworks.com/blog/cloud-security/mssp-security-console-data-isolation/&ts=markdown)  
\[\](mailto:?subject=4 Reasons to Implement Multitenancy in Your Cloud Security Strategy)  
Link copied  
By [Jason Williams](https://www.paloaltonetworks.com/blog/author/jason-williams/?ts=markdown "Posts by Jason Williams")  
Sep 19, 2024  
5 minutes  
[Cloud Native Application Platform](https://www.paloaltonetworks.com/blog/cloud-security/category/cloud-native-application-platform/?ts=markdown)  
[Cloud Security](https://www.paloaltonetworks.com/blog/category/cloud-security/?ts=markdown)

The shift to the cloud is reshaping how developers build and deploy applications, but it also brings new security challenges. As organizations scale their cloud footprint, face new compliance requirements, or segment the enterprise, they realize the need for a multitenant tenant security architecture.

In this blog post, we explore a few key scenarios where security teams would benefit from incorporating multitenancy into their cloud security strategy.

## What Is Multitenancy?

With respect to cloud security, a multitenant architecture is a system where multiple organizations share the same cloud infrastructure while keeping their data separate.

The concept is similar to apartment buildings with tenants --- perhaps that's where the name came from. Each tenant, or resident, shares the same building facilities, like elevators and hallways, but their apartments remain isolated from each other.

With respect to the cloud, hundreds, even thousands of organizations will share the same infrastructure, but their data remains isolated. Many cybersecurity vendors build multitenant cloud security platforms where they serve each customer as a tenant. Some circumstances, though, could require the customer to deploy and manage multitenant security within their own environment. Let's look at some examples.

## Environment Separation Across the SDLC

In the modern cloud, the [software development lifecycle (SDLC)](https://www.paloaltonetworks.com/cyberpedia/sdlc-software-development-lifecycle) has become a more complex and multilayered process. Consider typical stages of software testing and deployment --- development (dev), testing (QA), user acceptance testing (UAT) and production (prod). The process ensures application owners deliver high-quality products to their end users. Security isn't an afterthought.

By building and [testing security controls throughout the SDLC](https://www.paloaltonetworks.com/cyberpedia/what-is-secure-software-development-lifecycle), you prevent potential mistakes and outages in production. So why is there a need for multitenancy? It's natural for organizations to manage dedicated cloud environments with different owners across the SDLC. It's also important to keep data, and access to that data separated across the different environments.
![SDLC stages](https://www.paloaltonetworks.com/blog/wp-content/uploads/2024/09/word-image-328043-1.png)
Figure 1: SDLC stages

Because Prisma Cloud is a multitenant platform, your security architecture can mimic the SDLC structure that your app owners use --- e.g., developers, QA, UAT and prod. Not only can you segment environments across the SDLC, but also you build and test security policies through each stage from a single console.

## Securing Distributed Enterprises

Many large organizations end up with several business units (BU) or subsidiaries, sometimes driven by mergers and acquisitions. Security and IT teams have a set of unique requirements in these situations:

### Data Isolation

After an acquisition, the parent needs to safely onboard new cloud assets without bringing cyber risk to existing data. Enforcing data segmentation or access governance between companies can help prevent potential cross contaminagtion or incidents.

### Cost Tracking

While multiple business units (BUs) may use the same tools across the company, each has separate budgets or cost centers. This requires IT teams to track license consumption for accurate cost allocation.

### Consistent Policy

Centralized security teams will want to provision the same security policies across BUs. Doing this across multiple consoles or policy models increases complexity and creates to security gaps.

With Prisma Cloud, you can safely onboard cloud infrastructure from acquired companies. Because the platform offers multitenancy, you can isolate security data between companies and business units to mitigate the potential risk of cross-contamination. Security teams can also manage security policies across tenants from one console. The flexible policy model allows organizations to fully manage or co-manage security policies with the acquired company. The Prisma Cloud multitenant console enables organizations to control credit allocation and measure consumption across tenants helping IT and security teams continuously predict costs and enforce charge back on various cost centers.

## Providing Managed Security Services

Many organizations lack in-house cybersecurity expertise, automation and resources to defend their clouds against threats. As a result, they turn to managed security service providers (MSSPs) to administer their cloud security, while the business focuses on their core operations.

MSSPs deliver managed security services to dozens, hundreds, sometimes thousands of clients. Because they provide customizable services and ensure data separation across customers, multitenancy becomes not just essential, but a requirement.

​​With [Prisma Cloud](https://www.paloaltonetworks.com/blog/prisma-cloud/meet-the-new-prisma-cloud-mssp-console-for-flexible-security-services/), MSSPs can manage multiple tenants from a single console, enabling them to isolate customer data and rollout customized security services. The multitenant management also helps MSSPs apply security policies at scale, centrally manage alerts, and monitor license usage across customers.
![Prisma Cloud multitenant console](https://www.paloaltonetworks.com/blog/wp-content/uploads/2024/09/word-image-328043-2.png)
Figure 2: Prisma Cloud multitenant console

## Regulatory Requirements

Adopting a multitenant cloud security architecture benefits organizations needing to comply with the regulatory or data residency requirements. For example, a U.S.-based CRM provider that services European businesses must isolate data processed within EU clouds to comply with [General Data Protection Regulation (GDPR)](https://www.paloaltonetworks.com/cyberpedia/gdpr-compliance) standards. For security teams, this can prove challenging, as it tends to create fragmented policy management across global regions, increasing complexity.

With Prisma Cloud's multitenant architecture, you can facilitate data isolation without additional complexity. For GDPR compliance, it ensures that data from one tenant isn't accessible to or intermingled with another tenant. Additionally, the Prisma Cloud multitenant console enables organizations to write policies once and apply them across tenants for consistent security.

For example, organizations can assign a dedicated tenant for each EU country they operate in, ensuring localized cloud data handling meets GDPR requirements. In contrast, other regions may only need a single tenant for their operations.

## Secure from Code to Cloud

Prisma Cloud is more than a multitenant security solution. It helps protect your applications from the code in development to the deployments across clouds.

Need to scale your security while isolating data? Talk to an expert and see [Prisma Cloud in action](https://www.paloaltonetworks.com/prisma/cloud/request-a-prisma-cloud-demo).

*** ** * ** ***

## Related Blogs

### [Cloud Native Application Platform](https://www.paloaltonetworks.com/blog/cloud-security/category/cloud-native-application-platform/?ts=markdown), [Cloud Security](https://www.paloaltonetworks.com/blog/category/cloud-security/?ts=markdown)

[#### Tame Complexity, Turbocharge Security: Prisma Cloud Copilot](https://origin-researchcenter.paloaltonetworks.com/blog/cloud-security/ai-powered-security-copilot/)

### [Announcement](https://www.paloaltonetworks.com/blog/cloud-security/category/announcement/?ts=markdown), [Cloud Security](https://www.paloaltonetworks.com/blog/category/cloud-security/?ts=markdown), [Cloud Security Platform](https://www.paloaltonetworks.com/blog/cloud-security/category/cloud-security-platform/?ts=markdown), [CNAPP](https://www.paloaltonetworks.com/blog/cloud-security/category/cnapp/?ts=markdown)

[#### Closing the Gap Between Cloud Visibility and Network Security](https://origin-researchcenter.paloaltonetworks.com/blog/cloud-security/cloud-visibility-network-security-context-exposure-management/)

### [AppSec](https://www.paloaltonetworks.com/blog/cloud-security/category/appsec/?ts=markdown), [ASPM](https://www.paloaltonetworks.com/blog/cloud-security/category/aspm/?ts=markdown), [Cloud Security](https://www.paloaltonetworks.com/blog/category/cloud-security/?ts=markdown), [Code Security](https://www.paloaltonetworks.com/blog/cloud-security/category/code-security/?ts=markdown), [DevSecOps](https://www.paloaltonetworks.com/blog/cloud-security/category/devsecops/?ts=markdown), [Research](https://www.paloaltonetworks.com/blog/cloud-security/category/research/?ts=markdown)

[#### An Inside Look into ASPM: Five Findings from New Industry Research](https://origin-researchcenter.paloaltonetworks.com/blog/cloud-security/aspm-research-omdia/)

### [Cloud NGFW](https://www.paloaltonetworks.com/blog/network-security/category/cloud-ngfw/?ts=markdown), [Cloud Security](https://www.paloaltonetworks.com/blog/category/cloud-security/?ts=markdown), [Firewall](https://www.paloaltonetworks.com/blog/category/firewall/?ts=markdown)

[#### Modernizing Security on AWS: From Firewall Ops to Security Intent](https://origin-researchcenter.paloaltonetworks.com/blog/network-security/modernizing-security-on-aws-from-firewall-ops-to-security-intent/)

### [Cloud Security](https://www.paloaltonetworks.com/blog/category/cloud-security/?ts=markdown), [Software Firewalls](https://www.paloaltonetworks.com/blog/network-security/category/software-firewalls/?ts=markdown)

[#### Turn Your Multicloud Security into a Business Enabler](https://origin-researchcenter.paloaltonetworks.com/blog/network-security/turn-your-multicloud-security-into-a-business-enabler/)

### [Application Security](https://www.paloaltonetworks.com/blog/cloud-security/category/application-security/?ts=markdown), [AppSec](https://www.paloaltonetworks.com/blog/cloud-security/category/appsec/?ts=markdown), [ASPM](https://www.paloaltonetworks.com/blog/cloud-security/category/aspm/?ts=markdown), [Cloud Security](https://www.paloaltonetworks.com/blog/category/cloud-security/?ts=markdown), [Partners](https://www.paloaltonetworks.com/blog/cloud-security/category/partners/?ts=markdown)

[#### Palo Alto Networks and Veracode: Unifying Application Security from Code to Cloud](https://origin-researchcenter.paloaltonetworks.com/blog/cloud-security/application-security-veracode-partnership/)

### Subscribe to Cloud Security Blogs!

Sign up to receive must-read articles, Playbooks of the Week, new feature announcements, and more.
![spinner](https://origin-researchcenter.paloaltonetworks.com/blog/wp-content/themes/panwblog2023/dist/images/ajax-loader.gif) Sign up  
Please enter a valid email.  
By submitting this form, you agree to our [Terms of Use](https://www.paloaltonetworks.com/legal-notices/terms-of-use?ts=markdown) and acknowledge our [Privacy Statement](https://www.paloaltonetworks.com/legal-notices/privacy?ts=markdown). Please look for a confirmation email from us. If you don't receive it in the next 10 minutes, please check your spam folder.  
This site is protected by reCAPTCHA and the Google [Privacy Policy](https://policies.google.com/privacy) and [Terms of Service](https://policies.google.com/terms) apply.  
{#footer} {#footer}

## Products and Services

* [AI-Powered Network Security Platform](https://www.paloaltonetworks.com/network-security?ts=markdown)

* [Secure AI by Design](https://www.paloaltonetworks.com/precision-ai-security/secure-ai-by-design?ts=markdown)

* [Prisma AIRS](https://www.paloaltonetworks.com/prisma/prisma-ai-runtime-security?ts=markdown)

* [AI Access Security](https://www.paloaltonetworks.com/sase/ai-access-security?ts=markdown)

* [Cloud Delivered Security Services](https://www.paloaltonetworks.com/network-security/security-subscriptions?ts=markdown)

* [Advanced Threat Prevention](https://www.paloaltonetworks.com/network-security/advanced-threat-prevention?ts=markdown)

* [Advanced URL Filtering](https://www.paloaltonetworks.com/network-security/advanced-url-filtering?ts=markdown)

* [Advanced WildFire](https://www.paloaltonetworks.com/network-security/advanced-wildfire?ts=markdown)

* [Advanced DNS Security](https://www.paloaltonetworks.com/network-security/advanced-dns-security?ts=markdown)

* [Enterprise Data Loss Prevention](https://www.paloaltonetworks.com/sase/enterprise-data-loss-prevention?ts=markdown)

* [Enterprise IoT Security](https://www.paloaltonetworks.com/network-security/enterprise-device-security?ts=markdown)

* [Medical IoT Security](https://www.paloaltonetworks.com/network-security/medical-device-security?ts=markdown)

* [Industrial OT Security](https://www.paloaltonetworks.com/network-security/medical-device-security?ts=markdown)

* [SaaS Security](https://www.paloaltonetworks.com/sase/saas-security?ts=markdown)

* [Next-Generation Firewalls](https://www.paloaltonetworks.com/network-security/next-generation-firewall?ts=markdown)

* [Hardware Firewalls](https://www.paloaltonetworks.com/network-security/hardware-firewall-innovations?ts=markdown)

* [Software Firewalls](https://www.paloaltonetworks.com/network-security/software-firewalls?ts=markdown)

* [Strata Cloud Manager](https://www.paloaltonetworks.com/network-security/strata-cloud-manager?ts=markdown)

* [SD-WAN for NGFW](https://www.paloaltonetworks.com/network-security/sd-wan-subscription?ts=markdown)

* [PAN-OS](https://www.paloaltonetworks.com/network-security/pan-os?ts=markdown)

* [Panorama](https://www.paloaltonetworks.com/network-security/panorama?ts=markdown)

* [Secure Access Service Edge](https://www.paloaltonetworks.com/sase?ts=markdown)

* [Prisma SASE](https://www.paloaltonetworks.com/sase?ts=markdown)

* [Application Acceleration](https://www.paloaltonetworks.com/sase/app-acceleration?ts=markdown)

* [Autonomous Digital Experience Management](https://www.paloaltonetworks.com/sase/adem?ts=markdown)

* [Enterprise DLP](https://www.paloaltonetworks.com/sase/enterprise-data-loss-prevention?ts=markdown)

* [Prisma Access](https://www.paloaltonetworks.com/sase/access?ts=markdown)

* [Prisma Browser](https://www.paloaltonetworks.com/sase/prisma-browser?ts=markdown)

* [Prisma SD-WAN](https://www.paloaltonetworks.com/sase/sd-wan?ts=markdown)

* [Remote Browser Isolation](https://www.paloaltonetworks.com/sase/remote-browser-isolation?ts=markdown)

* [SaaS Security](https://www.paloaltonetworks.com/sase/saas-security?ts=markdown)

* [AI-Driven Security Operations Platform](https://www.paloaltonetworks.com/cortex?ts=markdown)

* [Cloud Security](https://www.paloaltonetworks.com/cortex/cloud?ts=markdown)

* [Cortex Cloud](https://www.paloaltonetworks.com/cortex/cloud?ts=markdown)

* [Application Security](https://www.paloaltonetworks.com/cortex/cloud/application-security?ts=markdown)

* [Cloud Posture Security](https://www.paloaltonetworks.com/cortex/cloud/cloud-posture-security?ts=markdown)

* [Cloud Runtime Security](https://www.paloaltonetworks.com/cortex/cloud/runtime-security?ts=markdown)

* [Prisma Cloud](https://www.paloaltonetworks.com/prisma/cloud?ts=markdown)

* [AI-Driven SOC](https://www.paloaltonetworks.com/cortex?ts=markdown)

* [Cortex XSIAM](https://www.paloaltonetworks.com/cortex/cortex-xsiam?ts=markdown)

* [Cortex XDR](https://www.paloaltonetworks.com/cortex/cortex-xdr?ts=markdown)

* [Cortex XSOAR](https://www.paloaltonetworks.com/cortex/cortex-xsoar?ts=markdown)

* [Cortex Xpanse](https://www.paloaltonetworks.com/cortex/cortex-xpanse?ts=markdown)

* [Unit 42 Managed Detection \& Response](https://www.paloaltonetworks.com/cortex/managed-detection-and-response?ts=markdown)

* [Managed XSIAM](https://www.paloaltonetworks.com/cortex/managed-xsiam?ts=markdown)

* [Threat Intel and Incident Response Services](https://www.paloaltonetworks.com/unit42?ts=markdown)

* [Proactive Assessments](https://www.paloaltonetworks.com/unit42/assess?ts=markdown)

* [Incident Response](https://www.paloaltonetworks.com/unit42/respond?ts=markdown)

* [Transform Your Security Strategy](https://www.paloaltonetworks.com/unit42/transform?ts=markdown)

* [Discover Threat Intelligence](https://www.paloaltonetworks.com/unit42/threat-intelligence-partners?ts=markdown)

## Company

* [About Us](https://www.paloaltonetworks.com/about-us?ts=markdown)
* [Careers](https://jobs.paloaltonetworks.com/en/)
* [Contact Us](https://www.paloaltonetworks.com/company/contact-sales?ts=markdown)
* [Corporate Responsibility](https://www.paloaltonetworks.com/about-us/corporate-responsibility?ts=markdown)
* [Customers](https://www.paloaltonetworks.com/customers?ts=markdown)
* [Investor Relations](https://investors.paloaltonetworks.com/)
* [Location](https://www.paloaltonetworks.com/about-us/locations?ts=markdown)
* [Newsroom](https://www.paloaltonetworks.com/company/newsroom?ts=markdown)

## Popular Links

* [Blog](https://www.paloaltonetworks.com/blog/?ts=markdown)
* [Communities](https://www.paloaltonetworks.com/communities?ts=markdown)
* [Content Library](https://www.paloaltonetworks.com/resources?ts=markdown)
* [Cyberpedia](https://www.paloaltonetworks.com/cyberpedia?ts=markdown)
* [Event Center](https://events.paloaltonetworks.com/)
* [Manage Email Preferences](https://start.paloaltonetworks.com/preference-center)
* [Products A-Z](https://www.paloaltonetworks.com/products/products-a-z?ts=markdown)
* [Product Certifications](https://www.paloaltonetworks.com/legal-notices/trust-center/compliance?ts=markdown)
* [Report a Vulnerability](https://www.paloaltonetworks.com/security-disclosure?ts=markdown)
* [Sitemap](https://www.paloaltonetworks.com/sitemap?ts=markdown)
* [Tech Docs](https://docs.paloaltonetworks.com/)
* [Unit 42](https://unit42.paloaltonetworks.com/)
* [Do Not Sell or Share My Personal Information](https://panwedd.exterro.net/portal/dsar.htm?target=panwedd)
  ![PAN logo](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/pan-logo-dark.svg)
* [Privacy](https://www.paloaltonetworks.com/legal-notices/privacy?ts=markdown)
* [Trust Center](https://www.paloaltonetworks.com/legal-notices/trust-center?ts=markdown)
* [Terms of Use](https://www.paloaltonetworks.com/legal-notices/terms-of-use?ts=markdown)
* [Documents](https://www.paloaltonetworks.com/legal?ts=markdown)

Copyright © 2026 Palo Alto Networks. All Rights Reserved

* [![Youtube](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/youtube-black.svg)](https://www.youtube.com/user/paloaltonetworks)
* [![Podcast](https://www.paloaltonetworks.com/content/dam/pan/en_US/images/icons/podcast.svg)](https://www.paloaltonetworks.com/podcasts/threat-vector?ts=markdown)
* [![Facebook](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/facebook-black.svg)](https://www.facebook.com/PaloAltoNetworks/)
* [![LinkedIn](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/linkedin-black.svg)](https://www.linkedin.com/company/palo-alto-networks)
* [![Twitter](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/twitter-x-black.svg)](https://twitter.com/PaloAltoNtwks)
* EN  
  Select your language