Documentation
Security & ComplianceMulti-Tenancy & Isolation

Multi-Tenancy & Isolation

How Compass ensures your data is completely isolated from other organisations.

Compass is a multi-tenant platform — multiple organisations share the same infrastructure. This page explains how we ensure complete data isolation between tenants.

Organisation-Level Isolation

Every piece of data in Compass is scoped to an organisation:

  • Database queries — All queries include an organisation ID filter. There is no API endpoint that can return data across organisations.
  • API authorisation — Every API request is authenticated and authorised against the user's organisation membership before any data is accessed.
  • Connector credentials — Encrypted per-organisation. One organisation's credentials cannot be used or accessed by another.
  • Reports — Discoveries, reports, and audit logs are owned by the organisation that created them.

How It Works Technically

User Request
  → Authentication (verify user identity)
  → Organisation Membership Check (verify user belongs to org)
  → Organisation-Scoped Query (WHERE org_id = ?)
  → Response (only this org's data)

This is enforced at the API middleware level, not at the application code level, which means:

  • A bug in application code cannot accidentally expose another organisation's data
  • New features automatically inherit organisation scoping
  • There is no "global" query mode that bypasses organisation filtering

Role-Based Access Within Organisations

Within each organisation, access is further controlled by roles:

RolePermissions
OwnerFull access, manage billing, delete organisation
AdminManage members, connectors, and all discoveries
MemberCreate and view discoveries, run reports

Connector Isolation

Connector services are stateless and don't maintain any per-organisation state:

  • Each API call includes only one organisation's credentials
  • There is no shared connection pool or credential cache
  • Connector responses are returned directly to the requesting organisation's context
  • No connector data persists between requests

Enterprise Isolation Options

For organisations that require stronger isolation guarantees:

  • Dedicated database — Your data in a physically separate database instance
  • Dedicated infrastructure — Separate compute resources for your organisation
  • On-premises deployment — Full stack running in your own environment with no shared components

Contact sales to discuss Enterprise isolation options.

Data Residency

Where your data lives and regional deployment options.

Compliance

Compass compliance controls for SOC 2, GDPR, and enterprise audit requirements.

On this page

Organisation-Level IsolationHow It Works TechnicallyRole-Based Access Within OrganisationsConnector IsolationEnterprise Isolation Options