Data isolation - old wine in the new bottle:

Data isolation between tenants is not a new problem for applications. Applications have always been dealing with isolating data between roles & users.

This access control exists in behaviour oriented middlewares such as workflow engines & reporting engines. For these middlewares, tenant isolation is only a namespace addition to the existing roles & users.

Application behavior isolation - Configuration Vs Customization:

Application behavior is defined as metadata & is generally modified during development time. However, metadata can be designed in such a way that portions of it can also be modified at runtime.  By having the modification local to each tenant, application can behave differently from tenant to tenant based on configuration (or) customization.

Usually, configuration based multitenancy works well for solution providers targeting SMEs, who are willing to adopt to industry best practices. But, the effectiveness of this approach depends on the maturity of product to cover majority of best practices. Customization based multitenancy is more flexible & works for service providers who target large enterprise, who are specific about their requirements to be met by the SaaS application.

http://manidoraisamy.blogspot.com/2011/04/multitenancy-when-rubber-hits-road.html