Everything as code for your security lifecycle 🔐 | Do Cloud Right

Your monthly digest to help you move faster and get more value from the cloud. 

Modern cloud transformation is no longer defined by where workloads live, but defined by how securely, consistently, and intelligently they’re delivered.   

This month, we’re spotlighting the hybrid cloud strategies that are proving what’s possible when security and automation become part of the operating fabric. From simplifying security lifecycles to navigating digital sovereignty, here are a few standout reads to help you move faster and get more value from your cloud investments: 

 🔑 How Atruvia built secure and compliant infrastructure to power 900 financial institutions across Germany 

💭 Why an ‘as code’ approach can help solve security and scalability problems 

🔒 PCI DSS 4.0.1 compliance with Vault, Boundary & Vault Radar 

✍️ The five key Day 2 guardrails for IT operations help keep environments secure and compliant 

This curated section explores conversations we’ve had or heard with organizations that are doing cloud right. 

🛠️ Everything as code for your security lifecycle by Brian Huber  

Solve security and scalability problems through an “as code” approach to infrastructure and security lifecycle management. Learn how Terraform can help you manage secrets as code. 

🔑 Securing modern workloads with HashiCorp Vault and WIF by Rich DuBose and Dnyaneshwari (Nesh) Chandarana

Eliminate secret zero and enable “secretless” workloads with Vault and workload identity federation. Replace static credentials with short-lived access and enforce zero trust. 

🛡️ PCI DSS 4.0.1 compliance with Vault, Boundary & Vault Radar by Rich DuBose , Chandni P. , and Van Phan  

Find out how HashiCorp Vault, HCP Vault Radar, and HCP Boundary can help you fulfill the PCI DSS 4.0 requirements checklist and get compliance certification. 

Atruvia | Customer story 

Banking on speed and security 

Bridging decades of legacy systems and modern cloud, Atruvia AG uses HashiCorp to build secure and compliant infrastructure that powers over 900 financial institutions across Germany. 

In this case study, learn how they solved challenges like fragmented automation, lack of unified APIs and centralized documentation, and operational risk, realizing benefits like: 

⚡️ 99% faster cluster provisioning (3 months → 4 hours) 

⏰ Deployment time cut from weeks to hours 

🌐 Compliant pipelines across hybrid environments 

🏦 900+ banks supported nationwide 

👥 Company-wide IaC adoption 

💨 15-minute network setup (down from weeks) 

“For our systems engineers, the workflow has changed drastically. Today, making a change means updating code, staging it, and deploying — not logging in on a Saturday night to fix things by hand. With Terraform, we’ve completely transformed how our system administrators work.” - Martin Pelke, Product Owner, Infrastructure as Code, Atruvia 

We end with an essential collection of blogs, podcasts, and reports designed to keep you informed and equipped to tackle the challenges of security and infrastructure management in hybrid and multi-cloud estates. 

👩💻 HashiCorp blog | Secure remote access without the ‘portal tax’ Boundary vs other vendors by Saptaparni Nandy

HashiCorp Boundary makes a clean break with traditional PAM and VPNs — unlike its other secure remote access competitors. Learn how Boundary stands above the rest in ease-of-use.  

👩💻 HashiCorp blog | Building Day 2 ops guardrails with Terraform and Packer by Rama Chavali and Vijay Sharma

Provisioning infrastructure is only the beginning. Learn how five key Day 2 guardrails for IT operations help keep environments secure and compliant as they change. 

📄 White paper | IBM : Digital sovereignty in the era of hybrid cloud and AI 

Digital sovereignty has become a strategic priority as software, infrastructure, and AI capabilities globalize at unprecedented speed, prompting leaders to re‑evaluate how they govern data and secure critical digital assets. This white paper presents IBM’s point of view and offers the strategic clarity needed to navigate this rapidly evolving landscape.

📰 Article | InfoWorld : Why hybrid cloud is the future of enterprise platforms 

This article shares how the rise of artificial intelligence is making cloud and on-premises integration the best path forward for scalable, effective deployments.

📰 Article | ZDNET : Rolling out AI? 5 security tactics your business can't get wrong - and why 

Here's how the experts have established strong processes and policies to help their organizations secure data and embrace AI services. 

Save the date for HashiConf at IBM TechXchange 2026! 🥳 

HashiConf at IBM TechXchange is coming to Atlanta. 🥳

Mark your calendars for October 26 - 28, 2026 for a few days of connection with security and IT leaders. More information on registration is coming soon. Learn about what you can expect this year here.  

Don’t forget to subscribe to Do Cloud Right. Between issues, follow the HashiCorp LinkedIn page for the latest company news or visit our strategy and insights blog to discover more about doing cloud right. to discover more about doing cloud right.