Skip to main content
Case Study

The 3 Keys to Successful Vault Adoption at Large Enterprises

HashiCorp's Dan McTeer previously worked at a Fortune 500 tech company that onboarded a massive number of development groups to HashiCorp Vault. Learn the 3 keys to obtaining such high adoption rates.

Speakers

For more useful content on how to successfuly adopt HashiCorp Vault, read the HashiCorp Vault Adoption Guide and Practical Advice for a Successful Vault Deployment.

Transcript

Hi, my name is Dan McTeer, and I'm a Vault technology specialist here at HashiCorp. Previous to joining HashiCorp, I worked for a large Fortune 500 company where we deployed Vault and had it running in production for a couple of years. This was servicing hundreds of trillions of transactions across the planet and billions of transactions through Vault itself.

Hiring the right people

It was a large implementation of Vault. I often get asked by customers, “What did you do to make that successful?” There are three main things that it comes down to. The first one is having the right team—having the right people in place. My team consisted of a good mix of system administrators and developers. This was good for understanding the sorts of problems that our users would go through—but also understanding how to manage the systems if problems occurred.

The sorts of problems that we were having to solve on a day-to-day basis were very much system administration type problems. But then understanding how to explain to our users how to implement something like Vault in their workflow was also a critical part to managing the service.

Having an automation mindset

The second key to success is an automation mindset. Not just on the team that's running the service, but on the team that are consuming the service as well.

When we were looking at secrets management tools, Vault offered a very flexible, very robust API that allowed us to integrate just about anything into it. We were able to take a lot of that manual day-to-day process and move it into automated processes, freeing up a lot of our time to do forward-thinking type tasks when managing a large service like this.

Training

So, the last key to success and probably the most critical and most successful part of what we did was we created a training program for our internal users.

We partnered with HashiCorp during this using the Vault 101 training. We would go around to our major offices every six months and train our users on how to use Vault. We would put up lab environments, and we would walk them through proper utilization, best practices, things like that.

Now I know that seems complicated. I know that seems like an extra amount of time that shouldn't be spent. The great thing about this program was that sometimes within hours of finishing a training class, we would have our users on our support channels helping other users with their Vault problems.

We started to see a community build up around Vault utilization and around support of Vault and how to properly use Vault, which significantly cut overhead for my team as we supported the service throughout.

To wrap up, the three major keys to success are: 1. Making sure that you have the right team in place 2. Making sure that you switch to that automation DevOps mindset 3. Making sure that you have a good training and onboarding program to kep your users are engaged so they understand how to properly use the product.

Using these keys of success, we were able to scale from a few thousand requests to billions of requests over a short amount of time. Over a year period, we onboarded hundreds of teams to the service to help them secure their infrastructure—and we hit some very key critical security objectives, not just in the US but worldwide.

More resources like this one

2/3/2023Case Study

Automating Multi-Cloud, Multi-Region Vault for Teams and Landing Zones

1/20/2023Case Study

Packaging security in Terraform modules

12/22/2022Case Study

Architecting Geo-Distributed Mobile Edge Applications with Consul

12/13/2022Case Study

Nomad and Vault in a Post-Kubernetes World