The Dos And Don’ts Of Mobile Forensics

Did you know that mobile devices are a main source of digital evidence in criminal investigations?  This shouldn’t be a surprise to anyone.  More than 90% of criminal cases today involve mobile devices as their main source of evidence. The largest challenge facing many digital forensic investigators are locked or inaccessible devices when they arrive for examination.

Proper handling and documentation are key when it comes to maintaining and securing evidence. Here are some quick definite dos and don’ts when it comes to handling mobile devices:

DO obtain proper legal authority before accessing and collecting data from a seized device.

DO keep the device powered on and take it off the network in order to mitigate risk and increase your chances of extracting critical evidence.

DON’T alter the device.  If any steps are taken, such as device isolation, then document them.

Get The Latest DFIR News

Join the Forensic Focus newsletter for the best DFIR articles in your inbox every month.

Unsubscribe any time. We respect your privacy - read our privacy policy.

DON’T end your search when a mobile device is found. A wide array of additional devices could be part of the same ecosystem and may contain much needed actionable intelligence.

These are just a few of the many best practices when it comes to mobile device forensics. To learn more about putting some of these steps into practice, request a complimentary copy of our infographic and ebook below.

Original article can be found here.

Leave a Comment

Latest Articles