Cloud Cover: Securing What You Can’t See

Cloud Cover: Securing What You Can't See_Featured

Cybersecurity is the #1 tech-related concern for organizations across industries. And #2? It’s either cloud or AI, depending on the industry.  

That means securing cloud resources, an issue that sits at the intersection of cybersecurity and cloud computing, is especially urgent.  

For our October SE Webinar on cloud security, we brought together National Security Specialist Brian Bonebrake and Cloud and AI Programs Director Bhu Virdi. When it comes to cybersecurity, Bhu and Brian have seen it all. They’ve also helped countless organizations successfully secure their cloud resources. 

As an Intelisys Sales Partner, you should be acting as a trusted consultant for your clients in the area of cloud security. But that requires expertise. 

What steps should businesses take to secure their data? And how can they remain compliant – while also taking advantage of cloud computing and SaaS applications?  

In the webinar, Bhu and Brian discuss all of that and more.  

Defining “Cloud Resources” 

Defined generally, “cloud resources” can refer to any digital service that is delivered on-demand over the web. But in this conversation, Bhu and Brian focus on three main categories of cloud resources: 

  • Data 
  • Compute environments  
  • SaaS applications 

Below, we’ll address how to secure each of these resources. 

Best Practices for Securing Data 

Thanks to advances in cloud computing, organizations now store data in a variety of places – including data centers, cloud platforms, and on-premise servers. 

This diversity is generally a good thing. Keeping data closer to a system’s edge can help with data processing, while sharing data with third parties can have all sorts of operational benefits.  

The problem with this data diversity is that it widens the potential surface area for attack. That’s why securing data is such a tough – and important – task for organizations, especially as they spread into the cloud.  

Here are some best practices for securing data in cloud environments:  

  • Prioritize encryption. All an organization’s data should be encrypted, both at rest and in flight. The organization should also own their own encryption keys (rather than leaving them with a cloud service provider).  
  • Create governance policies around data access. Everyone at an organization should know the ground rules for accessing and using data. Without these policies, employees could unknowingly expose sensitive information (by using live data when testing a new app, for example). 
  • Anonymize data. When possible, stored data should be identified through a referential identifier, not through personally identifiable information (PII). This will limit the damage in the case of a data leak.  
  • Pay attention to data residency (for compliance reasons). Different states and regions have their own data security and privacy laws. That means organizations need to track where their users are based and where their data is stored and processed. That way, they can remain compliant with location-based regulations like the California Consumer Privacy Act (CCPA) and the EU’s General Data Protection Regulation (GDPR).  

Not only are data breaches costly and disruptive, but they can also ruin a business’s reputation. That’s why it’s so vital that your customers take the steps outlined above.  

Best Practices for Securing Compute Environments 

Some organizations think that once they’ve moved to a cloud compute environment, they’re inherently maintaining compliance and protecting user data. This is a misconception.  

Yes, cloud service providers often say their environments are compliant with PCI, SOC 2, HIPAA, and other regulatory frameworks – but that doesn’t mean the client is automatically covered. The client organization has the responsibility to use the tools provided by the cloud service provider in the right way. If the client fails to maintain the proper security practices, they could be held responsible in the case of a data breach or compliance failure.  

With that in mind, here’s how organizations can keep their cloud compute environments secure: 

  • Embrace a shared responsibility model. This involves establishing a rules-based framework, often with a Service Level Agreement (SLA), that promotes collaboration between the client and cloud provider. 
  • Employ a zero-trust framework. Users should only gain access to a system when they’ve shown they need it – and that access should last for a limited amount of time.  
  • Ensure the cloud service provider is securing their physical infrastructure. This is something the provider should handle. That said, clients need to confirm that providers have the right physical access controls in place. Otherwise, their data will remain vulnerable to insider threats.  

All three of the above practices center around a single theme: Maintaining a strong, collaborative relationship between the client and the cloud service provider.  

Best Practices for Securing SaaS Applications 

On today’s internet, most traffic doesn’t go through a web browser. It’s sent from one API to another, often through cloud-based SaaS applications. 

This app-based environment is fantastic for enhancing operations, but it also produces cybersecurity risks. Users access SaaS platforms, which are run by third parties, through their own domain credentials. This creates additional attack vectors. That’s why organizations need to prioritize identity and access management.  

Businesses can also leverage tech-based solutions to enhance their SaaS security. Options include: 

  • A Content Delivery Network (CDN). This type of network caches data closer to users, which decreases exposure while protecting against Distributed Denial-of-Service (DDoS) attacks.  
  • A Cloud Access Security Broker (CASB). This involves adding an enforcement point between the user and the SaaS application, ensuring that security standards are maintained.  
  • DevSecOps (Development, Security, Operations). This isn’t a solution, but an operational framework that places security concerns at the forefront of software development and IT operations.  

The Intelisys catalog includes suppliers that offer these solutions – meaning you’re in a perfect position to deliver enhanced SaaS security for your customers.  

Using Cloud Security as a Conversation Starter 

Cloud security is top-of-mind for organizations. That makes it a great topic for opening doors with key stakeholders.  

When talking with a prospect, just mention, “Hey – I can help maintain compliance.” This is often enough to pique their interest. 

As the conversation deepens, ask probing questions that will uncover gaps in the organization’s security infrastructure. Are they anonymizing data? Do they have a comprehensive data security policy in place? Once you’ve identified the issues, you can start discussing remediation. 

Also, don’t forget to address industry-specific compliance concerns. If you’re talking to a medical organization, ask about HIPAA. If it’s a retail store (or anyone who accepts credit cards), mention PCI compliance. They’ll appreciate having an advisor who understands their specific needs.  

And what if the organization says they’re not subject to a regulatory framework?  

Then ask if they’re adhering to NIST (National Institute of Standards and Technology) standards. No matter a business’s industry, they should be adopting these security practices – and wherever they’re falling short, you can help them catch up.  

Learn More About Cloud Security 

Do you have the knowledge to work confidently in the cloud security space? If not, our resources can help.  

Start by watching the entire recording of this webinar: Cloud Cover: Securing What You Can’t See.  

Also, check out our blog post on the 2025 Verizon Data Breach Investigations Report (DBIR) – a fantastic resource on the latest cybersecurity threats.  

And for personalized guidance, reach out to your regional SE or connect with the Intelisys Advanced Technology Team. You’ve got a lot of expertise at your disposal. Don’t forget to use it! 

Related Posts

VIEW ALL POSTS

Eddie Acosta

Senior Vice President, Sales

Eddie Acosta serves as Senior Vice President, Sales, where he leads the Intelisys regional sales and business development teams, while architecting the strategy to drive revenue growth and develop exceptional relationships with partners across the United States. In this role, Acosta also oversees the Solutions Engineering and Advanced Technologies teams, driving vision and creating synergies among the teams to best support Intelisys suppliers, partners and the end customer.

Acosta has more than 20 years of sales and management experience in the cloud-based technology services industry. His experience includes leading and managing sales leaders and channel managers, developing and executing go-to-market channel strategies and nurturing strategic partnerships.

Jolynn Antonacci

Vice President, Marketing

As Vice President of Marketing for Intelisys, Jolynn Antonacci oversees the organization’s overall marketing, brand and enablement strategies to support business objectives and drive sales partner success. She is responsible for developing and executing marketing initiatives in close collaboration with the sales team, focusing on events, enablement, and education, ensuring that Intelisys sales partners have the tools and resources needed to grow their business.

Antonacci is a proven channel leader with 20 years of experience driving business growth, executing innovative strategies and fostering strong relationships within the channel. With experience working with both suppliers and sales partners, she has a unique perspective on the business, leveraging her deep industry knowledge to drive impactful results.

Katherine White

Vice President, Channel Exchange

Katherine White serves as Vice President, Channel Exchange, focused on expanding cloud sales, operations, and delivery. She oversees SaaS distribution through Channel Exchange, a modern platform that enables Intelisys sales partners to accelerate procurement, meet customer needs, and expand into new service areas.

White joined ScanSource as Vice President of Business Strategy in 2021, bringing two decades of leadership in sales, operations, and finance, along with a proven history of building relationships and driving organizational change. In that role, she developed and maintained ScanSource’s strategic vision and ensured alignment with its growth goals and core values.

Ken Mills

President

Ken Mills serves as President of Intelisys and is committed to driving growth for Intelisys and our partners. As a distinguished technology executive with over two decades of experience, Ken has previously held leadership roles at EPIC iO, Dell Technologies and Cisco, and served as a fellow with the U.S. Department of State. His strategic mindset has been an integral part of launching innovative products and solutions in the fields of AI, IoT, and 5G. Ken is driven by his curiosity and passion for groundbreaking technology and complex problems, and constantly explores new frontiers in the world of technology.

Monica Lutes

Director, People & Culture

As Director, People & Culture, Monica has worked closely with Intelisys employees and leaders since 2018 and has worked with ScanSource companies since 2016. A Human Resources professional with 11 years of experience encompassing all areas of HR, especially employee relations, recruiting, compliance, and training, Monica approaches her role as Director, People & Culture from a consultative perspective. Her goal is to provide advice and guidance to leaders so they can focus on growing the best teams for the business while also supporting employees’ goals.

Ansley Hoke

SVP Marketing, ScanSource, Inc. and Intelisys

Ansley Hoke is the Senior Vice President of Marketing at ScanSource, Inc., a role she has held since 2019, and extended her leadership to include Intelisys in 2023. She joined the company in 2001, serving in merchandising leadership roles for ScanSource POS and Barcode, including acting Vice President of Merchandising and then later VP of Merchandising for ScanSource Catalyst and overall VP of ScanSource Catalyst. She oversaw sales, supplier relations, and services. Known for her pivotal role in creating effective marketing strategies, Ansley has been integral in driving demand, enhancing partner programs, and significantly contributing to the company’s revenue growth and channel relationships.

Mike Baur

CEO of ScanSource, Inc. and Interim President of Intelisys

Mike Baur serves as Chairman and Chief Executive Officer at ScanSource. Mike has served as the Company’s President or CEO since its inception, as a director since December 1995, and as Chairman of the Board since February 2019. Mike has developed a deep institutional knowledge and perspective regarding ScanSource’s strengths, challenges and opportunities. He has more than 30 years of experience in the IT industry, having served in various leadership and senior management roles in the technology and distribution industries before joining ScanSource. Mike brings strong leadership, entrepreneurial, business building and development skills and experience to the Board.

Stephanie Bouras

Regional Vice President, Southeast

Driven by a partner-first philosophy and a passion for innovation, Bouras embodies a leadership style that’s both compassionate and data-driven. As the Regional Vice President, Southeast, at Intelisys, she’s leveraged her extensive marketing and sales experience to propel her team to new heights. A firm believer in aligning herself with her partners, she sees herself as a collaborator and an integral part of their business. This perspective has allowed her to forge deep connections and drive success. A Florida native, Stephanie’s attention to detail and unwavering commitment to her partners have been key factors in her success.

Michael Raspanti

Regional Vice President, Northeast

Michael joined Intelisys in June of 2020, as a long-time channel veteran. He is responsible for leading the Northeast Region, helping continue the tremendous momentum in one of our strongest markets while also recruiting new up and coming partners that will be the growth engine of our future success.

Kristy Thomas

Vice President, Partner Experience and Enablement

Thomas is responsible for Sales Partner enablement and education for all our technology segments, including CX, managed security, mobility, and connectivity. With over 20 years of executive background in telephony, UCaaS, CCaaS and Cloud services, Kristy enables her customers to think broader and deeper as she guides them through their decision journey. Some of the biggest deals in the channel have become a reality thanks to the expertise and humble excellence Kristy brings to her client’s projects.