I’ve been doing a fair bit of development work over the last few weeks. Much of this is has been in Bubble. I’ve been curious to see how powerful it is and what can be achieved.

The thing that has been particularly pleasing for me has been the convergence of creativity and productivity. It’s not often you are able to have an idea and just get it down, without a lot of work; several months of work.

I’ve been playing with getting a Saas developed and ready for market. I would say most of it has been done inside 2 months. Which is very satisfying. There is still the marketing side to be done and also splitting down the features into pricing tiers.

Anyway, it got me thinking about database structure and data security, which is one of the key things to get right. Basically if you get it wrong, you have got big time data leakages on your hands. And you are not going to know about it until your client’s data has been harvested by their competitor.

There are several other things to take in to account too. So let’s look at the kinds of things that were going through my mind as I was developing:

1. Data Security: Aside from all of the standard cloud computing precautions like data encryption at rest and in transit you have to think about how the app is going to manage the data for multiple clients all of the time. The risk of data leakage is pretty high. And this is not just across tenants, but within the tenant itself. You need to come up with a rock solid protocol to make sure those who can see the data, are allowed to; and those that should not see the data, do not.

2. Data Isolation: Maintaining strict data isolation between tenants is crucial to ensure that each customer's data is separate and protected. Failure to properly isolate data can lead to data corruption or unauthorized access. And so what this means is, you need to get your strategy right for segmenting the data for each client. But you need to make sure you can allow external users to hop from one tenant to another without knowing they are doing it. The main concern here is session sharing across tenants.

3. Scalability and Performance: If you have lots of data, assumptions you make about performance now, could cause you problems down the road. This means going back to the old client-server approach of only getting only as little amount of data as you need for each request. Get too much, and you are going to be putting request upon request until the whole thing stops. Think about scalability carefully. And if you are using a No Code platform, this is going to mean making sure you understand what the backend data processing features do, so that you can leverage the platform in the way the creators want to you. There are no short cuts. This means careful architectural planning & review and regular performance testing throughout the development cycle.

   ---

   Learn how Orzo Blue we can help you create apps and Saas platforms you can take to market.

   Learn about Orzo Blue

   ---

4. Customization and Configuration Challenges: You need to balance the need for customization and configuration options while maintaining a shared codebase. And this can be challenging. If you can over the longer term provide flexibility to meet individual customer requirements without compromising stability, then do it. But when you are getting started, think of customer feedback in terms of what it might means for everyone else. Not all ideas are good ideas. In the early days you want something that is easily maintainable and gives you the confidence to feel you have product market fit.

5. Upgrades and Maintenance: Rolling out upgrades or applying maintenance patches to a multi-tenant application requires careful coordination to ensure minimal disruption to all tenants. My worry is always data and backwards compatibility. If you don’t plan carefully or testing you can be in a whole load of trouble.

6. Tenant Onboarding and Offboarding: Managing the onboarding and offboarding process for multiple tenants can be complex. You need to think about the sign up process, providing them with instruction and details on how features work, hand holding them through the early days of using your platform and engaging them with what your platform does. You need to remind them why they signed up in the the first place. But also you need to be able to give them a way out if they need to. You can do this by offering data exports which gives them a real sense of ownership of their data.

7. Regulatory Compliance: Depending on the industry or region, multi-tenant SaaS applications may need to comply with various regulations, such as data privacy laws (e.g., GDPR) or any industry-specific standards. If you get these wrong you may end up regretting it later on.

There were many things from this list that I spent a long time thinking about. Days without coding, or coding then recoding just to get things right. You do need to thoroughly assess and address any risks that come to mind during the design and development phase. And remember mistakes or shortcuts you take now, may come back to haunt you in the longer term.

By the way, I am thinking about changing the name of the blog. I’ve spent a lot time thinking what I want to do over the next few months and I am pretty much settled that I want to do is is write about building businesses with using no code platforms.