Informative Articles About Digital Forensics Litigation Support

Hard Drive Recovery for Your Valuable Data

By admin | July 10, 2008

The most valuable assets of a company or an organization reside in files on computer hard drives. This is the main storage element in the system. In many cases the electronic evidence on the hard drive requires special skill and experience in data recovery to identify and retrieve the data. The current crisis of the system can be attributed to a number of factors, such as the inability to access a hard drive especially when back-ups are not available. Hard drive crashes, Virus attacks or losing your valuable files through accidental deletion can be quite disturbing in your work. Unfortunately the data loss caused by such a failure will lead to financial losses in an organization, as well as to personal life. If the data disaster caused by a hard drive failure is not immediately managed properly, then the data loss can become permanent. Hard drives are mechanical magnetic storage devices that are extremely susceptible to failure such as head crashes, circuit board shorts, electrostatic shocks, power surges, overheating, etc. To a major extent power failure could damage the hard drive. While Power surges and sags damage hard drives to crash and corrupt Windows systems, databases and other programs and services which need safer shutdown. Unless you have good surge protectors, UPS and backup generators, you can’t always believe to have good and safe data. Hard drive crashes and Disk Failures in general…

Read More

Technical Considerations in Review Process of E-Discovery

By admin | June 25, 2008

Decision-making, backing up your data and managing a review database to acquire digital data in your company is no longer a solvency for your problem in E-discovery, though you decide to go with the legal attorney for review process in E-Discovery. Data collection plays a key role in review process. There are some technical issues that need to be considered, which will help the legal team in identifying potential problems as well as successful review in E-Discovery. Following are checklist of technical issues that can aid in this review process of E-discovery: ISP (Internet service provider) will look simple but in most cases they are overlooked. Reliability, network speed and throughput can have a tremendous impact supplied by the ISP. Consult your network engineer and find who you’re ISP (Internet service provider) is and how reliable are they. So that Ip addresses at the main location can be rerouted. For eg: When you access your personal E-mail from your own Internet service provider, chances are your E-mail comes to you from your ISP’s E-mail servers in one of three ways POP (Post office protocol), IMAP (Internet mail access protocol), MAPI (Messaging Application Programming Interface) or HTTP (Hyper text transfer protocol),which helps in finding out the e-mail. Bandwidth: Routers, hubs, firewalls, cables, and modems all these will effect the actual bandwidth. The bandwidth fluctuates time to time. An average sampling of this bandwidth should…

Read More

E-Forensics Supports Your Ongoing Investigation by Capturing The Legal Defensible Data

By admin | June 12, 2008

E-Forensics is the application of electronic investigation, which has the capabilities of recovering data or visible to the user in legal proceedings. The deleted files often contain the Electronic files that do not show up which is important to your case, but identifying the deleted files plays the key role in e-forensic. The latest technology of e-forensics makes sure that the information is legally justifiable by maintaining a proper document chain of custody, identifying the electronic data capturing methods and gain the knowledge of latest technologies used in e-forensics. Electronic discovery is the process of extracting data from electronic documents that contains electronic data such as e-mail, word processing files, accounting files ,spread sheets, presentation files, databases, CAD and some form of computer records stored, where the CPU caches are generally managed by hard drives which includes cache memory, magnetic disks, optical disks such as DVD’S,CD’S. Often such information or data that is recorded on any type of electronic media has the possibility of discovery of data in the claim, which can be shown as evidence. E-forensic applies special scientific methods to determine the scope and presence of information contained on digital media. E-forensic differs from electronic discovery and is used only in case of potential crime involved. The data that is not accessible by the user which includes information such as deleted files, hidden files, web based files, password protected files and…

Read More

Electronic Data Discovery: Approach and Process

By admin | May 15, 2008

From the initial collection of electronic data to the final making of relevant and responsive documents, one of the biggest challenges faced by lawsuit attorneys is managing the large volume of digital documents produced during the discovery process. Electronic data discovery is a main stream in general discovery of evidence in legal proceedings. Today 90% of the business communication takes place in an electronic environment, so it is critical to carefully manage this electronic data for legal purposes by companies. Electronic data discovery approach involves the following steps: Step1: Collection Formulate plans to identify the data across the networks for legal and IT department. Handling evidence to court requires a documented chain of custody. In this data collection strategy, it is necessary to include any data that is necessary for authenticating a relevant piece of electronic evidence. The collection includes deleted files, Web E-mails, Internet history etc like collecting Meta-data, information about the E-mails, address, date, and time are gathered as an inventory of discovery. This documented chain of custody is helpful in minimizing the mishandling, misconduct or tampering of critical data. Step2: Preservation Maintaining the proper integrity of data is the key to preservation. After identification of data; it is protected avoiding spoliation for the validity of the data in order to preserve legacy data. The original data should be stored in a proper location, because the relevant meta-data may exist at…

Read More

Electronic Data Discovery – Technology Along With Policy Review

By admin | April 19, 2008

Electronic discovery plays a vital role in the contest of litigation, audits, investigation and other formal proceedings. In fact, according to the courts, computers have become so commonplace that most court battles now involve discovery of some type of computer-stored information. Litigators often take advantage of this lack of preparation by making digital information. In some cases, litigants have been forced to search, copy and produce millions of E-mail messages at their own cost. In other cases, litigants have been required to create special computer programs to find and extract discoverable data and files believed to have been deleted. It is clear that organizations need to act now to prepare for the electronic data discovery challenge. The amount of time, money and resources expended on electronic data discovery can be amazing for those organizations that are unprepared, where the Data Triage Technologies is found to be the leading expert in the field of electronic data discovery process. Certain forms of discoverable digital information may be more palpable to organizations, both in terms of the need to retain and manage them, and their inclusion in discovery requests. However, even the most obvious piece of evidence, such as a word processing document in electronic form, may present unique challenges. Such documents may in fact contain Meta data that reveals important information. The scope of discoverable digital information does not end with electronic documents and other…

Read More

Cell Phone Forensics Today is Better Than Ever No Other Tool

By admin | April 15, 2008

The recent developments in cell phone technology helped in development of Cell phone forensics as a great resource for forensic examiners and hi-tech crime investigators. Forensics has the potential to provide a wealth of information by retrieving information with relevant format which includes deleted text messages, address book entries that you have deleted, Photographs that you have taken and deleted, dialed and received calls etc. Today Cell phones became more advanced and sophisticated in being used for inappropriate usage. Investigators realized that there was a need to develop specific tools and process to search for evidence without affecting the information and introduced to get the file system and memory data helping the individuals, while Cell phones are becoming more like desktop computers functionally. Cell phones rely on flash memory for persistent storage designed to perform a predefined tasks using embedded software. The National Institute of Standards and Technology (NIST) is the one, which developed the guidelines in cell phone forensics. Cell phone forensics has two methods in order to collect the data; one is logical method, which acquires files and directories from the file system of the flash memory. Secondly, we can get all data from bit-by-bit copy of entire physical memory using a low level access method. Cell phone forensics can be largely divided by memory forensics and SIM forensics. Mobile phone based on GSM/WCDMA telecommunication technology stores data such as phone…

Read More

Qualcomm Repute Had Been Violated By Legal Losses

By admin | March 27, 2008

Qualcomm was drowned by the issue of e-discovery misbehavior which had an impact on client, though it is a base line to E-discovery. The U.S district court of California issued a warning to the entire corporate litigant’s regarding the electronically stored documents and E-mails in the recent issues of Qualcomm faulty. In attorney’s misconduct of Qualcomm, the court envisioned in four scenario’s. First is Qualcomm intentionally hid the documents from its retained lawyers, Second is the retained lawyers failed to discover the intentionally hidden documents, third is Qualcomm shared the damaging documents with its retained lawyers to hide the documents and all evidence of Qualcomm early involvement in JTV(Joint video team) or Qualcomm did not tell the retained lawyers about the damaging documents and evidence or the lawyers suspected whether there are other additional evidence regarding the adequacy of the document search and witness investigation. In monetary sanctions against Qualcomm the court judge avowed to pay all of Broadcom litigation cost around $ 8.5 million along with decisive documents but the Qualcomm refused to produce the documents in this patent violation case and supposed that they did not participate in the standards making. The court directed Qualcomm to have a case review and enforcement of discovery obligations in order to identity the lapse occurred and to prevent e-discovery violation in future with the intention of secreting this key fact, so that they would…

Read More

Electronic Discovery Violations and Litigation Misconduct

By admin | March 12, 2008

In its recent judgment, the court held Qualcomm guilty of withholding a large number of electronically stored documents. Qualcomm never searched the e-mails of certain key witnesses for responsive documents. It held back tens of thousands of e-mails that were decisive in the case, observed the court. The judge affirmed a sanction on Qualcomm’s counsels of over US $ 8.5 million. The judgment also held them guilty of gross litigation misconduct. The judge termed it a reckless disregard of their electronic discovery obligations. The State Bar of California is to take up further inquiry and possible disciplinary action against the attorneys.

Read More

Intrusion Detection System Logs as Evidence and Legal Aspects

By admin | February 20, 2008

Modern techniques and methodologies for detecting attacks and malicious activities on computers and networks have evolved a lot over the last couple of years. The need for detecting intrusion attempts before the actual attack simplifies the job of securely administering computer networks. Often an attacker will probe different ports and services on a network to get intelligence about the structure of the network. Afterwards how and what services can be compromised is decided. This is a common strategy applied by most of the attackers and this is where Intrusion Detection Systems (IDS) comes in. They simplify the job of detecting attacks well before the actual attack by tracing the trails that the attacker leaves while gathering intelligence about a network. Government legislations however often act as a barrier in accessing/ monitoring private communications. This article will particularly focus on the potential of using IDS logs as evidence in legal proceedings. It will also address the Commonwealth Telecommunication Interception Act to identify some conflicting issues that at some extent acts as a barrier for deployment of IDS tools.

Read More

An Introduction To Electronic Data Discovery

By admin | January 28, 2008

Computers and other electronic devices, equipment and systems are now widely used by nearly everyone, everywhere and for every purpose. Their use in business and industry, particularly large corporations, has brought their importance into focus. Organizations regularly and routinely record data on electronic media for processing, transmission, storage or other business functions. Today, most such data is in digital form on magnetic media and includes files, databases, e-mail, application files, instant messages, text messages, phone messages and video recordings. It can be easily modified, deleted, over-written and processed in many other ways. One characteristic aspect is that unlike legacy documents on paper, digital data once recorded, cannot be completely and permanently erased.

Read More

Contact us

(Free initial consultation – no spam)

Contact form (1)

"*" indicates required fields

This field is for validation purposes and should be left unchanged.