Securing 10 million personalized promotions (Vietnamese consumer retail app provider VinID uses HashiCorp Vault to automate secrets management and reduce time required to protect sensitive data by 90%)

Published: 26 May 2021

Reading time: 2 minutes

VinID is the country’s largest loyalty and customer engagement platform. The company serves nearly 7 million members with a comprehensive online ecosystem that connects everyday customers with thousands of discount codes from reputable and familiar brands through multi-channel merchandising and integrated pay-on-app via e-wallet.

Toan quoc

The platform is not just a hub for supporting daily shopping and online payments, but is also a high-value database powering new consumer research and artificial intelligence initiatives designed to incrementally but substantially improve the online shopping experience for millions of consumers every day.

Solution
VinID is using HashiCorp Vault to automate dynamic secrets management across various cloud and onpremises systems and networks, enabling a richer, more secure, and engaging user experience.

HashiCorp Vault

Simple security, bigger scale, less effort
Because of the sensitive type of work, VinID  needs more comprehensive, automated secrets management solution capable of tightly controlling tokens, passwords, certificates, and encryption keys for protecting secrets and other sensitive data across a sprawling, multiplatform environment. After evaluating multiple third-party solutions and native tools from their cloud providers, VinID deployed HashiCorp Vault because of the product’s broad support for both cloud and on-prem systems, centralized key management for simpler data encryption, and easy ability to scale to match the company’s evolving security needs.

VinID uses Vault to centrally manage and enforce access to secrets and systems based on trusted sources of application and user identity. Unlike static IP-based solutions that can’t scale in dynamic environments with frequently changing applications and machines, Vault automatically limits how long ephemeral credentials and secrets can live by creating time-based tokens for automated revocation and management. At the same time, the solution provides detailed audit logs that supply the VinID team with detailed histories of client interactions — authentication, token creation, secret access and revocation — to help detect security breaches or attempted access to systems, and enable the company to quickly respond by implementing new policy updates or manual interventions to mitigate risk further.

Also Vault’s open source version made adopting a new secrets management solution more attainable and cost-effective while covering approximately 90% of their secret management needs. And as the company’s budget and security requirements permitted, it transitioned to paying for Vault Enterprise to cover the rest of the ever-growing environment.

HashiCorp Vault 2

Outcomes:
– Reduced time spent on secrets management by 90%
– Tenfold increase in secrets management speed and storage
– Frees DevOps teams for higher value tasks
– Automated secret management positions VinID to scale to a multi-region deployment across Asia using Google Cloud Platform

Ask us for personal demonstration of HashiCorp Vault!

To make this website run properly and to improve your experience, we use cookies. For more detailed information, please check our Cookie Policy.

  • Necessary cookies enable core functionality. The website cannot function properly without these cookies, and can only be disabled by changing your browser preferences.