VinID is the country’s largest loyalty and customer engagement platform. The company serves nearly 7 million members with a comprehensive online ecosystem that connects everyday customers with thousands of discount codes from reputable and familiar brands through multi-channel merchandising and integrated pay-on-app via e-wallet.
The platform is not just a hub for supporting daily shopping and online payments, but is also a high-value database powering new consumer research and artificial intelligence initiatives designed to incrementally but substantially improve the online shopping experience for millions of consumers every day.
Solution
VinID is using HashiCorp Vault to automate dynamic secrets management across various cloud and onpremises systems and networks, enabling a richer, more secure, and engaging user experience.
Simple security, bigger scale, less effort
Because of the sensitive type of work, VinID needs more comprehensive, automated secrets management solution capable of tightly controlling tokens, passwords, certificates, and encryption keys for protecting secrets and other sensitive data across a sprawling, multiplatform environment. After evaluating multiple third-party solutions and native tools from their cloud providers, VinID deployed HashiCorp Vault because of the product’s broad support for both cloud and on-prem systems, centralized key management for simpler data encryption, and easy ability to scale to match the company’s evolving security needs.
VinID uses Vault to centrally manage and enforce access to secrets and systems based on trusted sources of application and user identity. Unlike static IP-based solutions that can’t scale in dynamic environments with frequently changing applications and machines, Vault automatically limits how long ephemeral credentials and secrets can live by creating time-based tokens for automated revocation and management. At the same time, the solution provides detailed audit logs that supply the VinID team with detailed histories of client interactions — authentication, token creation, secret access and revocation — to help detect security breaches or attempted access to systems, and enable the company to quickly respond by implementing new policy updates or manual interventions to mitigate risk further.
Also Vault’s open source version made adopting a new secrets management solution more attainable and cost-effective while covering approximately 90% of their secret management needs. And as the company’s budget and security requirements permitted, it transitioned to paying for Vault Enterprise to cover the rest of the ever-growing environment.
Outcomes:
– Reduced time spent on secrets management by 90%
– Tenfold increase in secrets management speed and storage
– Frees DevOps teams for higher value tasks
– Automated secret management positions VinID to scale to a multi-region deployment across Asia using Google Cloud Platform
Ask us for personal demonstration of HashiCorp Vault!