Code Room
System design | Hard | sd-g466
Subject: Multitenancy | Level: Senior–Staff | ~50 min | Common in Security interviews | Industries: Technology

Question

Design per-tenant cryptographic isolation for a SaaS storing data for 200,000 tenants in shared multi-tenant tables and object storage, where each tenant must have its own data-encryption key, some enterprise tenants bring their own key (BYOK) in their own KMS, and a tenant's 'delete my org' must be provably irreversible within minutes (crypto-shredding) without rewriting petabytes. The system serves ~300k decrypt operations/sec. Discuss the key hierarchy, where per-row vs per-tenant keys live, how you avoid a KMS call on every read, the BYOK trust/availability problem, and how deletion works.

What a strong answer looks like

Clarify scale and constraints first. Propose a clean component breakdown, then go deep on the hard parts — data model, bottlenecks, consistency, failure modes — and name the trade-offs you are making.
