Which statement is true regarding tenant permissions?

The statement regarding tenant permissions that is accurate is that data access is scoped by tenant permissions. In a multi-tenant environment like SailPoint Identity Security Cloud, each tenant operates as an independent entity. This means that data and access permissions are specifically customized and defined within the context of each individual tenant. Scoped permissions ensure that users and applications within one tenant cannot access the data of another tenant, thereby maintaining data segregation and enhancing security.

This design allows organizations using the platform to manage their user identities and access controls in a way that reflects their unique policies and regulatory requirements. The ability to scope permissions means that each tenant can have tailored access rules, which is crucial for maintaining privacy and compliance across different business units or organizations sharing the same platform.

Other options, such as the sharing of data access across all tenants or the application of permissions universally, do not accurately reflect the purpose of tenant permissions in a multi-tenant architecture. Each tenant's data must remain separate and permissions should only apply within the confines of that tenant to prevent unauthorized access or data leakage between tenants.