Keep Each Tenant Protected in a Multi-Tenant Environment
Your company operates a cloud native, multi-tenant service in which data flows from different customers, is pushed to the workloads which were moved from a monolith application to a microservices model, and using EKS and Fargate, data is stored on S3.
Each customer has its own tenant in the application and uses a front-end UI in order to access its data. How can you make sure that your developer did not write bad code that shares data with other tenants? How can you ensure that if someone hacks another tenant or even the application itself, data will not be exposed? How do you establish compliance with privacy regulations like the GDPR or CCPA?