Informative Articles About Digital Forensics Litigation Support
What Can Computer Forensics Do For You?
What do you recommend as a best practice for preserving electronic data on a computer? One of the most important things that companies need to do is to make sure that they do not spoil the evidence by looking to see what the employee was doing. In many cases, right after someone departs, the manager or someone from IT will look through the computer to see what files were recently accessed. The problem with that is the employee may have downloaded files to CDs to take with them. If someone surfs through a computer to see what was stolen, they are altering the file metadata, such as the date the file was last accessed. It may cause a file that was burned to CD along with other collection of files to have its last access date altered. In computer forensics, we often look for clustering of files with similar dates and times. For instance, if someone burns a number of files to CD, the last accessed time may be a second apart on files that were recently burned to CD. Frequently, we can figure out what was burned to CD by looking at the access dates because when the computer reads the file to write it to CD, it alters access dates. The manager who accesses the computer to look around has just caused the access dates to be modified, so it makes…
Read MoreAuthenticating E-Mail Discovery as Evidence
With the recent passage of the amendments to the Federal Rules of Civil Procedure, the legal press has been filled with articles containing e-discovery advice. At some point, “e-discovery” will need to be converted into “e-evidence” for the purposes of summary judgment or trial. When you’re faced with having spent your clients’ time and money to both produce e-discovery and mine your opponents’ e-discovery to find the “smoking gun,” it’s critical to ensure you can get those e-mails into evidence — or keep them out. Many practitioners think that e-mails are like business letters and will be admitted into evidence just as easily. E-mails, however, may be more prone to problems of authenticity and hearsay than traditional written documents. People often write e-mails casually, dashing off comments with an informality they’d never use with a letter. Little care is given to grammar and context. Their signature or even their name may be omitted. Authenticating an e-mail presents issues not faced with a traditional letter with its formal letterhead, paragraph structure and signature block. Additionally, e-mails are arguably more susceptible to after-the-fact alteration.
Read MoreElectronic Data Discovery introduction
Electronic Data Discovery introduction Electronic data discovery quickly is becoming mainstream in civil discovery. Recent surveys confirm that more than 90 percent of all documents produced since 1999 were created in digital form. You don’t need surveys to prove that point; just walk into any office these days and the first thing you will see is a computer! Surprisingly, many attorneys fail to do any electronic discovery because of concerns that it is costly, time-consuming and complicated. The irony: It is usually wildly cheaper to conduct discovery electronically.
Read MoreIncorporate a disaster recovery plan
How to incorporate a disaster recovery plan that would be faster and safer? Nordural ehf’s backup system needed to incorporate a Disaster Recovery plan that would reduce the backup window from ten hours to two-three hours. A Disaster Recovery Plan is a coordinated activity to enable the recovery of IT/business systems due to a disruption. Disaster Recovery can be achieved by restoring IT/business operations at an alternate location, recovering IT/business operations using alternate equipment, and/or performing some or all of the affected business processes using manual methods. It was essential that Nordural’s backup system incorporate a trustworthy Disaster Recovery plan that would reduce its backup window from ten hours to two-three hours. In addition to this, Nordural wanted a Disaster Recovery plan that restored the company’s most critical servers to bare metal restore in less than two hours. Nordural’s decision to select the SecurStore Remote Backup Service highlights the strength and flexibility of managed services. Remote backup (sometimes also referred to as online backup) is a service that provides users with an online system for backing up and storing computer files. Remote backup service providers are companies that provide a software program and space on a server that their client’s data is stored on. The software program will run on a client’s computer and (typically) once a day; compress, encrypt and then send the client’s data to the remote backup service providers’ servers…
Read MoreImportance Of Recovery Planning
Disasters are common in the world today, from nature to car wrecks. In the computer industry, disasters aren’t any different. They can come in the form of an office fire, computer crashes, hard drive failure, missing IT documents, stolen hardware, and many other forms. Disasters can be very traumatic and stressful, although there are actions that you can take. Even though disasters can occur at any time, recovery planning doesn’t cross the mind of business owners or individuals. Most just carry out their normal day to day routines, never aware of what could result from a disaster. Then, when disaster does strike, most tend to freak out and wonder just what they can do to fix the situation at hand. If you are prepared for a disaster or hard drive failure, then your business will be able to deal with anything that happens. The first step in planning and preparing for disaster is to analyze your business or operations. You should determine how often your systems go down, and how you can manage operations without the equipment. You should also find out how long it would take you to fix the equipment, and what your business can do to make ends meet when the equipment is unavailable.
Read MoreRising Costs of E-Discovery Requirements Impacting Litigants
The first electronic database I supervised in litigation ended up costing a dollar a page. And that was before a single lawyer had looked at any of it. Making TIFF images, using Optical Character Recognition software to create searchable text, entering basic descriptive coding for each document and exporting all this data into a usable format were handled by an outside vendor that charged separately for each step. This was actually cheap, because we started with paper documents, not dozens of hard drives and servers full of e-mail, Word files, PowerPoint presentations and Excel spreadsheets that first had to be forensically imaged and treated like evidence at a homicide scene on “CSI: Miami.” Luckily, my client was a major corporation facing claims that its opponents contended were worth many millions of dollars. The client could afford this cost, and the database created ultimately paid for itself by allowing us to find documents that changed the direction of the case. But we built this database by choice, not in response to our opponent’s demand. The client wanted to preserve all the relevant documents and retrieve them quickly and decided the cost was worth it. Since that time, the discovery landscape has evolved. Even before the amended Federal Rules of Civil Procedure required all parties to include electronically stored information — ESI for short — in their mandatory disclosures and early discovery planning, lawyers learned…
Read MoreControlling the Accidental Release of Digital Information
In an age when virtually all documents are created on computers, it has become second nature to electronically share these materials through e-mail, extranets, and USB flash drives. Unfortunately, many people don’t fully understand exactly what information is contained in the files they are distributing. In the legal community, where clients routinely entrust sensitive and privileged information to their legal counsel, this lack of understanding can have significant consequences. Imagine how you would feel if you were counsel in any of these situations: In a products liability matter, both parties have been ordered by the court to exchange final trial exhibit lists in electronic format, such as an Excel spreadsheet. Rather than e-mail the file, your trusted paralegal copies the file onto a floppy disk that he sends via FedEx. Several days later, your opposing counsel acknowledges receipt of your exhibit list, but he also notes that the floppy disk contained an unrelated database apparently relating to another litigation matter on which you are also working. Have you just waived work product privilege on that work?
Read MoreDefining A Standard for Admitting Electronic Evidence at Trial
While many attorneys and their clients focus on the importance of preserving electronic files and data to minimize the risk of evidence spoliation, far fewer give the same attention to the seemingly straight-forward process of validating these materials for admission into evidence. One inadvertent result is that while standards for resolving electronic evidence spoliation allegations have been constantly tested and improved through a combination of articulate judicial decisions, specific procedural rules, and extensive commentary by legal scholars, far fewer written opinions have squarely addressed the standards for the admissibility of electronic evidence, leaving a much smaller pool of resources from which to draw guidance. A recent Ninth Circuit case demonstrates the degree to which standards for the admissibility of electronic evidence admissibility remain unsettled and open to significant variation. In re Vinhnee, 2005 WL 3609376, 06 Cal. Daily Op. Serv. 146, 2006 Daily Journal D.A.R. 169 (B.A.P. 9th Cir. Dec 16, 2005), stands (among other things) for the proposition that a sponsoring party cannot rely upon judicial notice to fill gaps in the explicit foundation that it uses to authenticate electronic materials it wishes to introduce as evidence.
Read MoreFinding the Line Between E-Discovery Expert and Fact Witness Testimony
Digital information is an increasingly common part of civil and criminal litigation. Electronic mail messages and documents-or evidence that such materials are suspiciously missing-are powerfully persuasive pieces of evidence that can make or break a case. Courts recognize the importance of electronic files and their analysis, and they routinely admit such materials into evidence. However, where is the point where relaying objective facts about electronic documents crosses the line into expert opinion testimony? The Sixth Circuit case, United States v. Ganier, 468 F.3d 920 (6th Cir. 2006), recently addressed exactly that issue. In a criminal matter, the prosecution announced its intention to present the testimony of an IRS agent regarding evidence that potentially relevant files had been located by running queries using Microsoft Windows utilities-and then deleted.
Read MoreAn introduction to Computer Forensics
Computer Forensics is the process of investigating electronic devices or computer media for the purpose of discovering and analyzing available, deleted, or “hidden” information that may serve as useful evidence in supporting both claims and defenses of a legal matter as well as it can helpful when data have been accidentally deleted or lost due to hardware failure. This is a very old technique but now it has changed a lot because of technological advances & modern tools and software’s. which makes Computer Forensics much easier for Computer Forensic Experts to find & restore more evidence or data, faster and with more accuracy . Computer forensics is done Using advanced techniques and technologies, a computer forensic expert uses this techniques to discover evidence from a electronic storage device for a possible crime . The data can be from any kind of electronic device like Pen drives , discs, tapes, handhelds, PDAs, memory stick, Emails, logs, hidden or deleted files etc…. Most of us think that a deleting a file or history will remove it completely from the hard disk drive. But in realty it only removes the file from the location, but the actual file will still remain on your computer. It is easier to track what has been done on your computer but difficult to say by whom . Although it’s possible to alter or delete the data completely from your storage…
Read MoreContact us
(Free initial consultation – no spam)
Contact form (1)
"*" indicates required fields