Skip to main content

We have rebranded from Iqidis — meet Irys. A new identity for the future of legal work.

Irys
Security

Tenant Isolation

Definition

Tenant isolation is a security architecture in which each customer's data is logically or physically separated from every other customer's data within a multi-tenant platform. In legal AI, tenant isolation ensures that one firm's confidential information, work product, and AI interactions are completely inaccessible to other firms using the same platform.

Most cloud-based legal AI platforms serve multiple law firms from shared infrastructure, a model known as multi-tenancy. While multi-tenancy provides cost and scalability benefits, it creates a risk that one tenant's data could be accessible to another through software bugs, misconfigured access controls, or cross-tenant data leakage in AI model context.

Tenant isolation addresses this risk through multiple mechanisms. At the data layer, each firm's information is stored in separate logical or physical databases with access controls that prevent cross-tenant queries. At the application layer, authentication and authorization systems ensure that users can only access their own firm's data. At the AI layer, each firm's queries and context are processed in isolated sessions that cannot leak into another firm's interactions.

For law firms, tenant isolation is particularly important because of ethical obligations regarding client confidentiality. If Firm A's confidential strategy document could theoretically appear in Firm B's AI-generated research results due to inadequate isolation, both firms face serious ethical and malpractice exposure. Robust tenant isolation eliminates this risk category entirely.

How Irys approaches this

Irys implements strict tenant isolation at every layer of the platform, from data storage to AI processing, ensuring that each firm's data is completely segregated from all other tenants.

Related terms

Security

Zero Data Retention

Zero data retention is a security policy in which an AI platform does not store user queries, uploaded documents, or generated outputs on its servers after processing is complete. For law firms, this policy ensures that confidential client information is not retained in third-party systems where it could be exposed through data breaches or used to train AI models.

Security

SOC 2 for Legal AI

SOC 2 (System and Organization Controls 2) is an auditing framework developed by the AICPA that evaluates a service provider's controls for security, availability, processing integrity, confidentiality, and privacy. For legal AI platforms, SOC 2 compliance demonstrates that the vendor has implemented and maintained the security controls necessary to protect sensitive legal data.

Security

Attorney-Client Privilege and AI

Attorney-client privilege protects confidential communications between a lawyer and client made for the purpose of seeking or providing legal advice. When lawyers use AI tools, privilege concerns arise because sharing privileged information with a third-party technology provider could be construed as a waiver of the privilege if adequate confidentiality protections are not in place.

Security

End-to-End Encryption in Legal

End-to-end encryption is a security method in which data is encrypted on the sender's device and can only be decrypted by the intended recipient, remaining encrypted throughout transmission and storage. In legal AI, end-to-end encryption protects confidential client data, privileged communications, and work product at every stage of processing.

Back to glossary

See Tenant Isolation in action

Irys One brings research, drafting, and document intelligence together in one platform. Try it free for 14 days.

Try Irys free