Virtual machines operate alongside each other in shared physical memory but are proven safe from the hazards that we know about today; there is no slop-over of data from one virtual machine to another. When we conceive of the data resident in memory of the multi-tenant application, it is assumed that with a slight slip-up, the data of one user might be taken for that of another.
The way to think about how it's actually working, however, is the data of each user has become a virtualized entity inside the application, with an assigned owner, a restricted set of operations that may be performed on it, and a guarded list of potential users. Just as the virtual machine container sets boundaries on memory addresses and storage space that can't be crossed in virtual machine operation, it's possible also to set boundaries around data inside the multi-tenant application that are just as inviolable.
Those in a better position than I to know, experts such as Chris Pinkham, who architected the original Amazon Web Services EC2 setup and is now hard at work at enabling the private cloud at Nimbula, says the security of the multi-tenant applications will depend on how well it's been designed and built. Sanjiva Weerawarana, CEO of WSO2, is likewise providing the components for building multi-tenant services at eBay and other firms. He says it's possible to be safe, but each multi-tenant application has to be reviewed on its merits.
In addition, multi-tenancy has to strive for stateless operations, where each step of the application knows little or nothing about the one that went before. This is harder to write than traditional application logic.
There are also a number of choices to be made on how data of many users is to be stored. It can be stored in a single database system and customers mixed in a single table, as I believe Salesforce.com does, using Oracle. Or each customer can be assigned their own database system and own table, as SugarCRM says it does, using MySQL.
This is not an issue that can be resolved at a glance or with a dismissive walk-off line in an Oracle OpenWorld keynote. Maybe not all multi-tenant applications are going to meet the test. When it comes to payment card industry (PCI) compliance, multi-tenant applications are deemed non-compliant, as best I know.
But from my perspective, that means the PCI standard is showing its age and is in need of revision, rather than that the multi-tenant application has been judged perpetually unsafe. As we gain insight into multi-tenant operations, its architecture will gain in best-practice implementations. It will also take over an increasing share of traditional enterprise operations.