Comment by consumer451

Yes, we are using postgres and my plan was to use separate schemas, if going the single db route.

The only thing that worried me is that one product might need SOC 2 sooner than another. I thought separate databases would give a smaller compliance surface to worry about. However, this will be my first time going through this process, so I am pretty uninformed here.