惯性聚合 高效追踪和阅读你感兴趣的博客、新闻、科技资讯
阅读原文 在惯性聚合中打开

推荐订阅源

T
The Exploit Database - CXSecurity.com
A
Arctic Wolf
K
Kaspersky official blog
T
Threat Research - Cisco Blogs
PCI Perspectives
PCI Perspectives
www.infosecurity-magazine.com
www.infosecurity-magazine.com
P
Privacy International News Feed
K
KPMG report finds enterprise disconnect between AI and its ROI | CIO
U
Unit 42
cs.CL updates on arXiv.org
cs.CL updates on arXiv.org
Simon Willison's Weblog
Simon Willison's Weblog
P
Privacy & Cybersecurity Law Blog
O
OpenAI News
量子位
奇客Solidot–传递最新科技情报
奇客Solidot–传递最新科技情报
C
Cisco Blogs
AWS News Blog
AWS News Blog
Vercel News
Vercel News
Microsoft Security Blog
Microsoft Security Blog
Threat Intelligence Blog | Flashpoint
Threat Intelligence Blog | Flashpoint
美团技术团队
T
Threatpost
S
Schneier on Security
Cyber Security Advisories - MS-ISAC
Cyber Security Advisories - MS-ISAC
C
Cyber Attacks, Cyber Crime and Cyber Security
Last Week in AI
Last Week in AI
C
CERT Recently Published Vulnerability Notes
Blog — PlanetScale
Blog — PlanetScale
C
Cybersecurity and Infrastructure Security Agency CISA
F
Full Disclosure
博客园_首页
N
Netflix TechBlog - Medium
Security Latest
Security Latest
有赞技术团队
有赞技术团队
Google DeepMind News
Google DeepMind News
钛媒体:引领未来商业与生活新知
钛媒体:引领未来商业与生活新知
The Register - Security
The Register - Security
Application and Cybersecurity Blog
Application and Cybersecurity Blog
Recent Announcements
Recent Announcements
博客园 - Franky
P
Palo Alto Networks Blog
Project Zero
Project Zero
CTFtime.org: upcoming CTF events
CTFtime.org: upcoming CTF events
H
Help Net Security
Hacker News: Ask HN
Hacker News: Ask HN
Cisco Talos Blog
Cisco Talos Blog
H
Heimdal Security Blog
The Hacker News
The Hacker News
博客园 - 【当耐特】
GbyAI
GbyAI

Intelisys

Connectivity, Security, and AI: A Unified System for Distributed Banking – Intelisys How Banking Left the Branch — And What That Demands from Technology – Intelisys ScanSource and Intelisys Leaders Named 2026 Women of the Channel Keep the Register Ringing: The Case for Wireless-First Retail The Retail Risks Most Leaders Don’t See The New Compliance Baseline: How HIPAA 2.0 Changes Everything AI in Healthcare: The Five AI Use Cases Transforming the Medical Industry ScanSource and Intelisys Leaders Named 2026 CRN Channel Chiefs Enhanced Connectivity: Laying the IT Foundation for Excellence in Medical Care Intelisys Announces Refreshed Logo and Brand Wired for the Future: A Year in Review
Cloud Cover: Securing What You Can’t See
Intelisys · 2025-11-21 · via Intelisys

Cybersecurity is the #1 tech-related concern for organizations across industries. And #2? It’s either cloud or AI, depending on the industry.  

That means securing cloud resources, an issue that sits at the intersection of cybersecurity and cloud computing, is especially urgent.  

For our October SE Webinar on cloud security, we brought together National Security Specialist Brian Bonebrake and Cloud and AI Programs Director Bhu Virdi. When it comes to cybersecurity, Bhu and Brian have seen it all. They’ve also helped countless organizations successfully secure their cloud resources. 

As an Intelisys Sales Partner, you should be acting as a trusted consultant for your clients in the area of cloud security. But that requires expertise. 

What steps should businesses take to secure their data? And how can they remain compliant – while also taking advantage of cloud computing and SaaS applications?  

In the webinar, Bhu and Brian discuss all of that and more.  

Defining “Cloud Resources” 

Defined generally, “cloud resources” can refer to any digital service that is delivered on-demand over the web. But in this conversation, Bhu and Brian focus on three main categories of cloud resources: 

  • Data 
  • Compute environments  
  • SaaS applications 

Below, we’ll address how to secure each of these resources. 

Best Practices for Securing Data 

Thanks to advances in cloud computing, organizations now store data in a variety of places – including data centers, cloud platforms, and on-premise servers. 

This diversity is generally a good thing. Keeping data closer to a system’s edge can help with data processing, while sharing data with third parties can have all sorts of operational benefits.  

The problem with this data diversity is that it widens the potential surface area for attack. That’s why securing data is such a tough – and important – task for organizations, especially as they spread into the cloud.  

Here are some best practices for securing data in cloud environments:  

  • Prioritize encryption. All an organization’s data should be encrypted, both at rest and in flight. The organization should also own their own encryption keys (rather than leaving them with a cloud service provider).  
  • Create governance policies around data access. Everyone at an organization should know the ground rules for accessing and using data. Without these policies, employees could unknowingly expose sensitive information (by using live data when testing a new app, for example). 
  • Anonymize data. When possible, stored data should be identified through a referential identifier, not through personally identifiable information (PII). This will limit the damage in the case of a data leak.  
  • Pay attention to data residency (for compliance reasons). Different states and regions have their own data security and privacy laws. That means organizations need to track where their users are based and where their data is stored and processed. That way, they can remain compliant with location-based regulations like the California Consumer Privacy Act (CCPA) and the EU’s General Data Protection Regulation (GDPR).  

Not only are data breaches costly and disruptive, but they can also ruin a business’s reputation. That’s why it’s so vital that your customers take the steps outlined above.  

Best Practices for Securing Compute Environments 

Some organizations think that once they’ve moved to a cloud compute environment, they’re inherently maintaining compliance and protecting user data. This is a misconception.  

Yes, cloud service providers often say their environments are compliant with PCI, SOC 2, HIPAA, and other regulatory frameworks – but that doesn’t mean the client is automatically covered. The client organization has the responsibility to use the tools provided by the cloud service provider in the right way. If the client fails to maintain the proper security practices, they could be held responsible in the case of a data breach or compliance failure.  

With that in mind, here’s how organizations can keep their cloud compute environments secure: 

  • Embrace a shared responsibility model. This involves establishing a rules-based framework, often with a Service Level Agreement (SLA), that promotes collaboration between the client and cloud provider. 
  • Employ a zero-trust framework. Users should only gain access to a system when they’ve shown they need it – and that access should last for a limited amount of time.  
  • Ensure the cloud service provider is securing their physical infrastructure. This is something the provider should handle. That said, clients need to confirm that providers have the right physical access controls in place. Otherwise, their data will remain vulnerable to insider threats.  

All three of the above practices center around a single theme: Maintaining a strong, collaborative relationship between the client and the cloud service provider.  

Best Practices for Securing SaaS Applications 

On today’s internet, most traffic doesn’t go through a web browser. It’s sent from one API to another, often through cloud-based SaaS applications. 

This app-based environment is fantastic for enhancing operations, but it also produces cybersecurity risks. Users access SaaS platforms, which are run by third parties, through their own domain credentials. This creates additional attack vectors. That’s why organizations need to prioritize identity and access management.  

Businesses can also leverage tech-based solutions to enhance their SaaS security. Options include: 

  • A Content Delivery Network (CDN). This type of network caches data closer to users, which decreases exposure while protecting against Distributed Denial-of-Service (DDoS) attacks.  
  • A Cloud Access Security Broker (CASB). This involves adding an enforcement point between the user and the SaaS application, ensuring that security standards are maintained.  
  • DevSecOps (Development, Security, Operations). This isn’t a solution, but an operational framework that places security concerns at the forefront of software development and IT operations.  

The Intelisys catalog includes suppliers that offer these solutions – meaning you’re in a perfect position to deliver enhanced SaaS security for your customers.  

Using Cloud Security as a Conversation Starter 

Cloud security is top-of-mind for organizations. That makes it a great topic for opening doors with key stakeholders.  

When talking with a prospect, just mention, “Hey – I can help maintain compliance.” This is often enough to pique their interest. 

As the conversation deepens, ask probing questions that will uncover gaps in the organization’s security infrastructure. Are they anonymizing data? Do they have a comprehensive data security policy in place? Once you’ve identified the issues, you can start discussing remediation. 

Also, don’t forget to address industry-specific compliance concerns. If you’re talking to a medical organization, ask about HIPAA. If it’s a retail store (or anyone who accepts credit cards), mention PCI compliance. They’ll appreciate having an advisor who understands their specific needs.  

And what if the organization says they’re not subject to a regulatory framework?  

Then ask if they’re adhering to NIST (National Institute of Standards and Technology) standards. No matter a business’s industry, they should be adopting these security practices – and wherever they’re falling short, you can help them catch up.  

Learn More About Cloud Security 

Do you have the knowledge to work confidently in the cloud security space? If not, our resources can help.  

Start by watching the entire recording of this webinar: Cloud Cover: Securing What You Can’t See.  

Also, check out our blog post on the 2025 Verizon Data Breach Investigations Report (DBIR) – a fantastic resource on the latest cybersecurity threats.  

And for personalized guidance, reach out to your regional SE or connect with the Intelisys Advanced Technology Team. You’ve got a lot of expertise at your disposal. Don’t forget to use it!