Informative Articles About Digital Forensics Litigation Support

The Rules for Computer Forensics

By admin | October 6, 2007

The recovery of evidence from electronic devices is fast becoming another component of many the IT Manager’s remit. Electronic evidence gathered is often valuable evidence and as such should be treated in the same manner as traditional forensic evidence – with respect and care. Essentially, this area is known as computer forensics and can be described as the scientific examination and analysis of data held on, or retrieved from, computer storage media in such a way that the information can be used as evidence in a court of law. Subject matter can include: the secure collection of computer data the examination of suspect data to determine details such as origin and content the presentation of computer based information to courts of law (if necessary) the application of a country’s laws to computer practice. In short, the objectives of a forensics analysis are to, determine what happened, the extent of the problem, determine who was responsible and present this information as evidence in court if required. It is used by internal investigators of public and private organisations for a variety of reasons, in particular where a computer user is suspected of a breach of organisational policy. Indeed, in the past couple of years awareness amongst the legal community in Ireland of the need for professional computer forensic services and equipment has increased substantially. The methods of recovering electronic evidence whilst maintaining evidential continuity and…

Read More

Authenticating E-Discovery As Evidence

By admin | October 5, 2007

Since the e-discovery amendments to the Federal Rules of Civil Procedure went into effect in December 2006, much has been said about the need for organizations to produce electronic evidence (including email, instant messaging (IM) logs and other electronically stored information) during litigation, but since that time a new issue has emerged: can that e-discovery be authenticated to establish that it is what you say it is and ensure it gets admitted into evidence?

Read More

How to overcome E-Discovery Challenges with New Technologies

By admin | September 21, 2007

Business communications are now dominated by electronic storage and devices like emails, hard drives, flash drives etc… and the volume of data used and stored is increasing at astonishing rate. Here comes the Electronic discovery. After the recent amendment to the Federal Rules of Civil Procedure (FRCP) which recognizes increasing importance of electronically stored information for litigation and regulatory investigations.

Read More

Letting EDD Evidence Speak for Itself

By admin | September 20, 2007

By now, you undoubtedly have mastered the new electronic data discovery amendments to the Federal Rules of Civil Procedure. You keep up with the rapidly evolving case law. You probably even know the difference between a computer forensic expert and an EDD vendor, and the differences in the types of services each provide. It’s likely, however, that you haven’t faced the challenge of presenting electronic evidence to a jury, through the testimony of a computer forensic expert. If you have (at least based on discussions with a number of well-known computer forensic experts from around the country who’ve actually testified in court), it’s likely you simply relied on the talking head to present opinions to the jury.

Read More

Intrusion detection guide

By admin | September 13, 2007

With the growing use of internet the threats attached to it are also growing. As more and more people are getting dependent on internet, the hackers are inventing new ways to intrude into their systems and cause havoc for them. By intruding or by gaining unauthorized access to their computers the hackers can access confidential information or can simply destroy their system and derive sadistic pleasure out of it. Thus, Intrusion Detection Systems (IDS) have become the need of the hour.

Read More

Dangers in E-Discovery

By admin | September 6, 2007

The big paperless case in the sky is coming your way and, believe it or not, you’re going to embrace it. Instead of tripping over boxes of documents, you will be enjoying all the benefits of using highly compressed electronic documents. Those who still scoff at high technology are costing their firms and their clients a fortune in wasted time, unnecessary expenses and avoidable errors. The price of devotion to paper may even include losing the case, since more than 35 percent of corporate communications never reach paper. If you already scan documents and surf your case management system, you will be happy to know that more leverage is just ahead. Costly manual and semiautomatic document reviews are becoming ever more automated, with nanosecond turnaround times; breathtaking, fractional error rates; and innovative, mega-gigabyte cull-and-search tools.

Read More

What Can Computer Forensics Do For You?

By admin | September 3, 2007

What do you recommend as a best practice for preserving electronic data on a computer? One of the most important things that companies need to do is to make sure that they do not spoil the evidence by looking to see what the employee was doing. In many cases, right after someone departs, the manager or someone from IT will look through the computer to see what files were recently accessed. The problem with that is the employee may have downloaded files to CDs to take with them. If someone surfs through a computer to see what was stolen, they are altering the file metadata, such as the date the file was last accessed. It may cause a file that was burned to CD along with other collection of files to have its last access date altered. In computer forensics, we often look for clustering of files with similar dates and times. For instance, if someone burns a number of files to CD, the last accessed time may be a second apart on files that were recently burned to CD. Frequently, we can figure out what was burned to CD by looking at the access dates because when the computer reads the file to write it to CD, it alters access dates. The manager who accesses the computer to look around has just caused the access dates to be modified, so it makes…

Read More

Authenticating E-Mail Discovery as Evidence

By admin | August 28, 2007

With the recent passage of the amendments to the Federal Rules of Civil Procedure, the legal press has been filled with articles containing e-discovery advice. At some point, “e-discovery” will need to be converted into “e-evidence” for the purposes of summary judgment or trial. When you’re faced with having spent your clients’ time and money to both produce e-discovery and mine your opponents’ e-discovery to find the “smoking gun,” it’s critical to ensure you can get those e-mails into evidence — or keep them out. Many practitioners think that e-mails are like business letters and will be admitted into evidence just as easily. E-mails, however, may be more prone to problems of authenticity and hearsay than traditional written documents. People often write e-mails casually, dashing off comments with an informality they’d never use with a letter. Little care is given to grammar and context. Their signature or even their name may be omitted. Authenticating an e-mail presents issues not faced with a traditional letter with its formal letterhead, paragraph structure and signature block. Additionally, e-mails are arguably more susceptible to after-the-fact alteration.

Read More

Electronic Data Discovery introduction

By admin | August 24, 2007

Electronic Data Discovery introduction Electronic data discovery quickly is becoming mainstream in civil discovery. Recent surveys confirm that more than 90 percent of all documents produced since 1999 were created in digital form. You don’t need surveys to prove that point; just walk into any office these days and the first thing you will see is a computer! Surprisingly, many attorneys fail to do any electronic discovery because of concerns that it is costly, time-consuming and complicated. The irony: It is usually wildly cheaper to conduct discovery electronically.

Read More

Incorporate a disaster recovery plan

By admin | August 14, 2007

How to incorporate a disaster recovery plan that would be faster and safer? Nordural ehf’s backup system needed to incorporate a Disaster Recovery plan that would reduce the backup window from ten hours to two-three hours. A Disaster Recovery Plan is a coordinated activity to enable the recovery of IT/business systems due to a disruption. Disaster Recovery can be achieved by restoring IT/business operations at an alternate location, recovering IT/business operations using alternate equipment, and/or performing some or all of the affected business processes using manual methods. It was essential that Nordural’s backup system incorporate a trustworthy Disaster Recovery plan that would reduce its backup window from ten hours to two-three hours. In addition to this, Nordural wanted a Disaster Recovery plan that restored the company’s most critical servers to bare metal restore in less than two hours. Nordural’s decision to select the SecurStore Remote Backup Service highlights the strength and flexibility of managed services. Remote backup (sometimes also referred to as online backup) is a service that provides users with an online system for backing up and storing computer files. Remote backup service providers are companies that provide a software program and space on a server that their client’s data is stored on. The software program will run on a client’s computer and (typically) once a day; compress, encrypt and then send the client’s data to the remote backup service providers’ servers…

Read More

Contact us

(Free initial consultation – no spam)

Contact form (1)

"*" indicates required fields

This field is for validation purposes and should be left unchanged.