Logical tenant isolation is a multi-tenancy approach where many tenants share the same underlying infrastructure, but their data is kept separate through software mechanisms such as namespaces, partitions, filters, or access controls. The separation is enforced at the application and data-organisation level rather than by giving each tenant its own physical resources.
This is the most common and cost-efficient way to serve many tenants. Because tenants share indexes and compute, the system can support a large number of them economically, and adding a new tenant is cheap — often just a new namespace or a tenant-ID field. Queries are scoped to a tenant so results never cross boundaries, while the heavy infrastructure is pooled and shared.
The trade-off compared with physical isolation is that shared infrastructure introduces some risk of cross-tenant performance interference — the noisy-neighbour problem — and weaker isolation guarantees, which can matter for strict security or compliance needs. Logical isolation suits the many cases where efficiency and scale outweigh the need for dedicated resources, while physical isolation is reserved for tenants that truly require it.