Multi-tenancy sounds enterprise. In practice it means every row knows which customer it belongs to and every query respects that boundary.
Tenant models
- Org-per-customer (default for B2B).
- Workspace inside org for large accounts.
- Siloed database per enterprise client (only when contract requires).
Isolation checklist
- org_id on every tenant-owned table.
- Middleware sets tenant from session.
- Integration tests that user A cannot read user B's IDs.
- Background jobs pass org_id explicitly.
Billing linkage
Map Stripe customer to organisation, not individual user, unless you are prosumer B2C.
Use this as a working checklist inside your team first. When the same steps repeat every week and spreadsheets start breaking, that is usually the moment to scope the smallest reliable integration that removes repeated copy-paste from a core workflow as an owned system. See the relevant Standen service · More guides · SaaS ops audit.