Case Study
12 May, 2026
How a Leading ERP Platform Built a Secure Path to AI Innovation with TeraSky and Azure
The Background
For most enterprises, the heart of their operations isn’t a single app – it’s the ERP (Enterprise Resource Planning) system, which connects finance, HR, supply chain, manufacturing, and customer operations so everything runs on the same data.
When a business runs on an ERP, even a small change, such as a system update or a new customization, can ripple through payroll, inventory, and customer orders. That’s why one innovative company built its cloud-based platform to help organizations test and manage changes safely.
As demand for AI-powered capabilities in these critical systems grew, the company faced a new challenge: how to add advanced intelligence while keeping sensitive enterprise data secure. The solution required combining Azure’s AI services with their existing AWS infrastructure without exposing anything to the public internet.
To make it happen, they turned to TeraSky.
The Challenge
The company faced a critical infrastructure puzzle: how to securely connect Azure and AWS while integrating Azure OpenAI Service for new AI features. Their engineers were ready to move fast, but security came first. The company needed private, high-performance communication between cloud platforms without exposing customer data to the public internet. Traditional connectivity approaches wouldn’t meet their security requirements. Instead, they needed private endpoints and controlled routing throughout. The solution also had to provide clear visibility into system performance and scale easily as new AI features launched. Off-the-shelf connectivity wasn’t enough; the usual VPN or API integrations exposed too many risks.
As the company’s DevOps Director put it, “We knew what we wanted to build, but we also knew the traditional routes would break the security model our customers depend on.”
The Solution
TeraSky designed a Hub-and-Spoke architecture on Azure with FortiGate VPN bridging the two clouds. The approach gave them the control and isolation they needed. All traffic between Azure OpenAI, API Management, and AWS stayed private, routed through secure endpoints, and governed by strict network rules.
Monitoring and observability were built in from the start, with Application Insights and Log Analytics giving real-time visibility across both platforms.
“Making Azure OpenAI and API Management talk securely through private endpoints wasn’t straightforward,” recalled Luka Koshhadze, TeraSky’s Cloud Platform Engineer. “We had to experiment, work closely with Microsoft, and come up with a few clever fixes of our own. In the end, what we built is a foundation that lets them confidently build AI features with customer data.”
The implementation followed Azure best practices for naming and tagging, making ongoing management straightforward. Every component was designed for both security and performance, creating a scalable platform for future growth.
The Bottom Line
With the new architecture live, the company now has a private, high-performance bridge between clouds and a clear path for securely expanding AI features. Latency dropped, observability improved, and every component follows Azure best practices for scalability and management. Most importantly, the private OpenAI integration opened the door to developing AI-powered features that their customers are asking for.
Describing the project experience, the DevOps Director explained, “We needed a solution to work with OpenAI securely and privately, in order to open the door for new AI-based features with customer data. Luka presented the architecture, configured everything, and led multiple Azure support cases to completion, and even came up with elegant solutions that made the architecture work. We now have the secure OpenAI integration we needed to move forward.”
The company now has both immediate benefits and long-term flexibility. The multi-cloud architecture is ready to support additional AI services and scale as their product evolves, without ever compromising the security that defines their brand.