A company is evaluating a multi-tenant SaaS document platform. The security team wants to reduce the impact of another tenant’s breach and ensure employees who leave are removed from the app within minutes. Which two requirements should the team prioritize? Select two.
Logical tenant isolation prevents one tenant from reading or influencing another tenant's data. Separate customer encryption keys further reduce cross-tenant risk: a compromise of one tenant's key material does not expose content encrypted under other tenants' keys, which a single shared key set would. Together, these requirements are the ones to weigh when evaluating multi-tenant SaaS risk and selecting a provider with stronger separation controls.
Why this answer
Option A is correct because logical tenant isolation (e.g., separate databases or namespaces, or tenant-scoped queries enforced in the data-access layer) and separate customer encryption keys ensure that a breach in one tenant cannot reach another tenant's data, directly reducing the blast radius of cross-tenant attacks. This aligns with the shared responsibility model in SaaS, where the provider must enforce strong multi-tenant boundaries at the application and data layers. The offboarding goal is met by the other prioritized requirement, identity federation with SCIM provisioning, so that disabling a leaver's account in the corporate identity provider deactivates the SaaS account within minutes instead of waiting for a manual removal. Note that per-tenant keys only help if the provider also separates key access (distinct key-management policies per tenant), not merely distinct key identifiers under one shared access policy.
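The isolation requirement above, as an added example that is not part of the original question or of any real platform: a data-access layer for a shared documents table, run against an in-memory SQLite database with constructed sample rows. The tenant-scoped class binds every query to the authenticated principal's tenant, so a guessed document id belonging to another tenant resolves to "not found" and a cross-tenant write affects no rows; the unscoped lookup beside it is the weak pattern that leaks. Table and tenant names are assumptions for illustration.

```python
"""Added example: application-layer tenant isolation for a multi-tenant
document store. Uses an in-memory SQLite database with constructed data;
the schema and tenant names are assumptions, not the evaluated product's."""
import sqlite3


def build_store() -> sqlite3.Connection:
    """Create a shared table holding two tenants' documents (constructed rows)."""
    conn = sqlite3.connect(":memory:")
    conn.execute(
        "CREATE TABLE documents ("
        " id INTEGER PRIMARY KEY, tenant_id TEXT NOT NULL, title TEXT, body TEXT)"
    )
    conn.executemany(
        "INSERT INTO documents VALUES (?, ?, ?, ?)",
        [
            (1, "acme", "Q3 plan", "acme internal"),
            (2, "globex", "Merger memo", "globex confidential"),
        ],
    )
    return conn


class TenantScopedDocuments:
    """Every statement is bound to the tenant of the authenticated principal.

    Callers never pass a tenant_id, so the only way to reach a row is to be
    the tenant it belongs to; ids from other tenants look like they do not exist.
    """

    def __init__(self, conn: sqlite3.Connection, tenant_id: str) -> None:
        self._conn = conn
        self._tenant = tenant_id

    def get(self, doc_id: int):
        row = self._conn.execute(
            "SELECT id, title, body FROM documents WHERE id = ? AND tenant_id = ?",
            (doc_id, self._tenant),
        ).fetchone()
        return None if row is None else {"id": row[0], "title": row[1], "body": row[2]}

    def update_body(self, doc_id: int, body: str) -> bool:
        """Return True only if exactly one row owned by this tenant was changed."""
        cur = self._conn.execute(
            "UPDATE documents SET body = ? WHERE id = ? AND tenant_id = ?",
            (body, doc_id, self._tenant),
        )
        return cur.rowcount == 1


def unscoped_get(conn: sqlite3.Connection, doc_id: int):
    """The weak pattern: lookup by id alone. Any tenant that guesses an id reads it."""
    row = conn.execute(
        "SELECT id, title, body FROM documents WHERE id = ?", (doc_id,)
    ).fetchone()
    return None if row is None else {"id": row[0], "title": row[1], "body": row[2]}


def demo() -> dict:
    """Exercise tenant 'acme' against its own row and against tenant 'globex' row 2."""
    conn = build_store()
    acme = TenantScopedDocuments(conn, "acme")
    return {
        "own_doc_visible": acme.get(1) is not None,
        "cross_tenant_read": acme.get(2),                   # None: isolated
        "cross_tenant_write": acme.update_body(2, "tampered"),  # False: no row touched
        "globex_body_intact": unscoped_get(conn, 2)["body"] == "globex confidential",
        "unscoped_leak": unscoped_get(conn, 2) is not None,  # True: the weak pattern leaks
    }


if __name__ == "__main__":
    print(demo())
```

The point of the class is that the tenant comes from the session, never from the request, so there is no parameter for an attacker to substitute; the provider's own implementation may use separate schemas or databases instead, which the same check (can tenant A's principal ever address tenant B's row?) evaluates.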
Exam trap
The trap here is that candidates may mistake a 'shared local admin account' (Option B) for efficient offboarding. It does the opposite: a leaver cannot be removed without rotating a password that everyone else also uses, there is no per-person audit trail, and the account is never disabled by the identity provider. The correct approach is federation (SSO) with SCIM for automated lifecycle management, so that deactivating the user in the identity provider deprovisions the SaaS account and its sessions within minutes.
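The SCIM-based offboarding flow above, as an added example that is not part of the original page and not any vendor's implementation: an identity-provider-side client that sends an RFC 7644 PatchOp setting `active` to false for each leaver, against a constructed in-memory mock of a SCIM `/Users` endpoint that applies the patch and revokes the user's sessions. User ids, names and the session model are assumptions for illustration.

```python
"""Added example: SCIM 2.0 (RFC 7644) deprovisioning of leavers.

The MockScimService stands in for the SaaS provider's /Users endpoint; it is a
constructed in-process mock, not the evaluated platform. Sample users are made up.
"""
import json

SCIM_PATCH_SCHEMA = "urn:ietf:params:scim:api:messages:2.0:PatchOp"


class MockScimService:
    """Minimal SCIM /Users store: applies PatchOp and revokes sessions on deactivation."""

    def __init__(self, users):
        # Each user starts active with one live session (constructed state).
        self.users = {u["id"]: dict(u, active=True) for u in users}
        self.sessions = {u["id"]: {"sess-" + u["userName"]} for u in users}

    def patch_user(self, user_id: str, body: str):
        """Handle PATCH /Users/{id}; return (http_status, response_body)."""
        msg = json.loads(body)
        if SCIM_PATCH_SCHEMA not in msg.get("schemas", []):
            return 400, {"status": "400", "scimType": "invalidSyntax"}
        user = self.users.get(user_id)
        if user is None:
            return 404, {"status": "404"}
        for op in msg.get("Operations", []):
            if op.get("op", "").lower() == "replace" and op.get("path") == "active":
                user["active"] = bool(op["value"])
                if not user["active"]:
                    # Deactivation must also kill live sessions, or the leaver
                    # keeps access until the token expires.
                    self.sessions[user_id].clear()
        return 200, user


def deactivate_patch() -> str:
    """The PatchOp body an IdP sends to disable a SaaS account (RFC 7644 section 3.5.2)."""
    return json.dumps(
        {
            "schemas": [SCIM_PATCH_SCHEMA],
            "Operations": [{"op": "replace", "path": "active", "value": False}],
        }
    )


def offboard(service: MockScimService, leavers) -> dict:
    """IdP side: resolve each leaver's userName to a SCIM id and send the patch."""
    by_name = {u["userName"]: uid for uid, u in service.users.items()}
    results = {}
    for name in leavers:
        uid = by_name.get(name)
        if uid is None:
            results[name] = "not_found"  # surfaces drift between HR and the app
            continue
        status, _ = service.patch_user(uid, deactivate_patch())
        results[name] = "deactivated" if status == 200 else f"error_{status}"
    return results


def still_has_access(service: MockScimService, user_id: str) -> bool:
    """What an access review checks: active flag and any surviving session."""
    return service.users[user_id]["active"] or bool(service.sessions[user_id])


if __name__ == "__main__":
    svc = MockScimService(
        [{"id": "u1", "userName": "alice@example.com"},
         {"id": "u2", "userName": "bob@example.com"}]
    )
    print(offboard(svc, ["bob@example.com", "carol@example.com"]))
    print({uid: still_has_access(svc, uid) for uid in svc.users})
```

A shared local admin account has no per-person `/Users/{id}` to patch, which is why it cannot be offboarded this way; the `not_found` result for an unknown leaver is also the signal to investigate accounts that exist outside the federated directory.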