Last year, I wrote about the IntraLinks vision for using enhanced two-factor authentication (2FA) to protect data in a SaaS-based environment. What I covered in that blog was used as a basis for designing a customized 2FA (or strong authentication) framework for the IntraLinks platform. The most important feature of the framework is the adaptability it offers to users for their security policy requirements. The idea is that people who own the data are more likely to understand its sensitivity and level of protection required than the people who design systems. On the other hand, system designers have the necessary technical skills to implement robust protection mechanisms. Our framework allows for the optimal ‘separation of duties’ — we implement the best of breed 2FA mechanisms, and our users apply those where and when they think it makes sense.

In light of the upcoming “capture-the-flag type” type contest at DEF CON, this is as good a time as any to talk about social engineering. There is no technical solution to this issue. Humans cannot be patched (I am paraphrasing from a t-shirt that I saw at a conference). So, we need to help people recognize a scam when they see one.

In a CSO Online article they talk about the favorite ‘pick-up’ lines of social engineers. These and some stories shared by the publication’s readers are pretty instructive, so I will mention a few of them here for everybody’s benefit.

This is the next in a series of guest blog posts by IntraLinks’ collaborators, partners, and vendors. Andreas Grabner is Sr. Architect and Technology Strategist at dynaTrace. dynaTrace is a technology leader in application performance management (APM). IntraLinks selected dynaTrace Continuous Application Performance Management to improve the operation of IntraLinks’ platform during the production lifecycle in September of 2009.

The Cloud has become the hot topic in the past year, with many major technology leaders (Amazon, Google, Microsoft, SalesForce.com, etc.) extensively promoting public cloud services. What is equally interesting is the growth of the so-called “private cloud”: whether large enterprises transitioning their datacenter infrastructure to cloud-based paradigms; or solution providers using their own cloud-based platforms to provide solutions more efficiently.

At the end of April, IntraLinks attended Infosecurity Europe, Europe’s largest information security event. Celebrating its 15th year, Infosecurity Europe attracted over 12,000 information security professionals to Earls Court Exhibition Centre in London, where delegates gathered to discuss the most pressing information security issues and attend a variety of education sessions hosted by international speakers and industry experts.

With over 300 exhibitors, Infosecurity Europe provided the perfect opportunity to showcase new and innovative services to top security professionals across Europe. IntraLinks was there to showcase IntraLinks Courier, a secure, efficient and cost effective solution to streamline ad-hoc large file transfers. IntraLinks Courier seamlessly integrates with company email systems or can be used as a desktop application or via a web-based browser, introducing unmatched security to help business users securely exchange large files while maintaining compliance with requirements that govern their businesses.

This is the next in a series of guest blog posts by IntraLinks’ collaborators, partners, and vendors. Jim Reavis is co-founder and executive director of the Cloud Security Alliance. The CSA is dedicated to developing and promoting best practices to secure cloud computing, and counts among its constituency a broad group of stakeholders which include both providers and consumers of cloud computing. IntraLinks is one of the newest corporate members of the CSA.

In many respects cloud computing is not new as veteran companies such as SalesForce.com and IntraLinks have been delivering business applications as a hosted service for over a decade.