Security & Compliance

Is each MiOpsAI tenant fully isolated from others?

Yes — every MiOpsAI tenant is fully isolated at the data, AI memory, authentication, and audit-log layers. Tenant isolation is enforced in the database, in the application code, in the AI inference layer, and in the API surface. There is no path by which tenant A can read, write, or influence tenant B's data.

The four isolation layers

  1. Database isolation — every query carries a tenant_id scope enforced via parameterized Kysely queries (no raw SQL allowed in app code, per our hard rules). Cross-tenant joins are physically impossible at the application layer.
  2. AI memory isolationLizziAI's vector store, embeddings, and learned voice profiles are partitioned per tenant. The model serving tenant A has zero exposure to tenant B's data, prompts, or behaviors.
  3. Authentication isolation — JWTs and session tokens carry tenant scope; the middleware rejects any request whose token doesn't match the requested tenant.
  4. Audit-log isolation — every action log is tenant-scoped; tenant A admins can never see tenant B activity even via support tools.

    5. How we test this

    • Per-deployment cross-tenant integration tests attempt to read tenant B's data via tenant A's auth token. Build fails on any leak.
    • Quarterly third-party penetration testing with focus on multi-tenant boundary attacks.
    • Internal red-team exercises simulating a hostile tenant trying to escalate privileges.
    • Bug bounty program for ongoing external scrutiny.

    Optional: dedicated database for Enterprise+

    For Enterprise+ customers requiring physical isolation beyond logical multi-tenancy (typically regulated industries or those with strict procurement requirements), we offer a dedicated database instance with the same application code but no shared tablespace. Adds to the base $1,599/month Enterprise+ price.

    What is shared

    Compute infrastructure (the application servers themselves) and the multi-model AI router are shared across tenants — but every request carries tenant scope. Background workers process tenant jobs in scoped queues. Caches are tenant-keyed. Nothing crosses the line. Request a security review packet for the technical detail.

Last updated April 20, 2026

Related questions

Is MiOpsAI SOC 2 compliant?Does MiOpsAI use my data to train AI models?How does MiOpsAI handle data breaches and incidents?Does MiOpsAI comply with GDPR for European customers?Can I delete all my data from MiOpsAI permanently?Does MiOpsAI comply with CCPA for California residents?

Ready to see MiOpsAI in action?

Request access and we’ll walk you through how the platform solves your specific workflow.

Request Access →