Case Study: Hootsuite achieves short-lived, secure access management with HashiCorp Vault

Hootsuite - Customer Case Study

Hootsuite, the social media management platform with more than 16 million customers and 1,000 employees worldwide, needed to replace a risky legacy security setup full of static AWS keys, hardcoded SSH credentials, and shared secrets. As the company grew, it wanted a safer, easier way to manage identity-based access for people and systems, using HashiCorp Vault as the foundation for secure authentication and secrets management.

With HashiCorp Vault, Hootsuite built internal tooling and workflows for employee login, short-lived AWS and SSH credentials, web console access, Kubernetes authentication, and service account secret delivery. The result was a major security modernization: static keys were removed, access became short-lived and role-based, and troubleshooting and onboarding improved through standardized tools and documentation. Hootsuite also reported sweeping cleanup of unused keys and a more secure, scalable operations model across its environment.

Hootsuite

James Atwill

Senior Software Developer