±Forensic Focus Partners
|New Today: 0||Overall: 36783|
|New Yesterday: 0||Visitors: 107|
A Business ToolBack to top Back to main Skip to menu
Computer Forensics - A Business Tool
Audax Digital Forensics
Computer forensics entails gathering and examining data from a range of electronic media - not just computers - and this data can take the form of photographs, downloaded images, text, documents, emails, internet pages and any other information that is stored to a hard drive. This data or evidence can then be used in a court of law, employment tribunal or simply as a sample of evidence to present to an individual under suspicion.
Even with suitable software investigations can be time consuming, but can also produce some stunning and unexpected results.
Employee Misuse and Fraud
Employee misuse and fraud crimes are on the increase and can vary from the misuse of computer systems to the theft of corporate and financial data. These crimes can occur due to disgruntled employees taking revenge, underemployed employees looking to take advantage of their situation or simply employees engaging in criminal activity. The possibility that the employee sitting next to you could be committing offences while they work is certainly very real and one doesn't have to look very far in the local or national press to read cases of employees caught looking at pornography, accessing confidential company information or stealing data.
Combating these types of computer related crimes can be very expensive, particularly for small businesses; however, being proactive in spending the right amount on the security of systems and data is a good place to start. Effective and regular monitoring of systems is also a good idea in trying to make it more difficult for individuals to commit offences (and get away with them) in the first place. However, with all the security and prevention techniques in the world, businesses find it very difficult to be 100% successful in stopping employees taking part in these crimes whether they be misuse or criminal activity and this is where computer forensics is a very useful tool.
Computer forensics is usually required after an incident has taken place and is a very effective option in providing evidence of misuse or crime. Forensic work is effective in detecting or identifying suspect activity as the methods used focus on the individual's usage of equipment over a period of time. Computers automatically log when and how images, text and documents were last created, viewed or modified and together with physical time and date activity the investigator can match an activity to an individual.
Evidence and Data Gathering
Securing the continuity and validity of electronic data and evidence in proving computer misuse and criminal activity can be a real problem. Problems often arise inside companies when IT Staff or Senior Management fail to resist the temptation to investigate equipment themselves and this can have serious consequences. One of the most crucial elements of computer forensic investigations is the preservation of evidence and 'non experts' can easily overwrite time and date information (the digital fingerprint) by accessing material themselves. This time and date information is vital in proving when data or images were modified or viewed. The time and dates stamp elements are particularly important in working environments where more than one person has access to a piece of equipment, e.g. a computer in an open office used by several members of staff during the day.
A computer forensics expert will be able to limit the potential for damage to data or evidence by following the ACPO (Association of Chief Police Officers) guidelines for retrieving electronic evidence [NOTE: this document is available from the Forensic Focus "Downloads" section]. This should ensure that the investigator knows how and where to look for information without compromising any potential evidence - hence it is very important for 'non-experts' to resist the temptation to look at data or evidence without contacting an expert.