We can't find the internet
Attempting to reconnect
Something went wrong!
Hang in there while we get back on track
Miles McGuire - Guardrails: Keeping customer data separate in a multi tenant system - Rails World
Learn how Intercom uses guardrails to keep customer data separate in their multi-tenant system, navigating complex data models, edge cases, and automation to ensure data security and scalability.
- Guardrails are essential for keeping customer data separate in a multi-tenant system, such as Intercom.
- Intercom’s data model is complex, with almost 800 active record models, and multiple databases.
- The company was initially using an active record solution, but it was not scalable.
- A key challenge was identifying and fixing edge cases, which required manually reviewing issues and making decisions about how to handle them.
- The solution involved setting up a safe app and ensuring that it was used consistently across the system.
- The company also implemented automated protection against data breaches and relied on engineering best practices to separate customer data.
- Additional measures included raising exceptions when attempting to access data that did not belong to the current app.
- The company’s data model includes an app ID column, which helps to separate data for each customer.
- Admins are crucially not associated with a single app, so a separate system was needed to manage admin access.
- Intercom’s authentication process was also complex, with multiple ways of inferring the right app.
- The company used Honeycomb for tracing and debugging, which helped to identify issues and improve performance.
- Edge cases were a major challenge, but by manually reviewing issues and making decisions, the company was able to fix them and improve data security.
- Automated protection was implemented to prevent data breaches, and the company relied on engineering best practices to ensure data separation.
- Additional measures included setting up a safe app and raising exceptions when attempting to access data that did not belong to the current app.