StudentShare
Contact Us
Sign In / Sign Up for FREE
Search
Go to advanced search...
Free

Computer Forensics and Investigations - Assignment Example

Cite this document
Summary
This assignment "Computer Forensics and Investigations" discusses aspects of forensic readiness planning and business continuity with regard to a web development company, Walton Web. FRP and BCP are differentiated, while the importance of having both of them in an organization is emphasized…
Download full paper File format: .doc, available for editing
GRAB THE BEST PAPER94.9% of users find it useful
Computer Forensics and Investigations
Read Text Preview

Extract of sample "Computer Forensics and Investigations"

? Computer Forensics and Investigations COMPUTER FORENSICS AND INVESTIGATIONS Introduction This paper is a discussion of aspects of forensic readiness planning and business continuity planning with regard to a web development company, Walton Web. In the paper, FRP and BCP are differentiated, while the importance of having both of them in an organization is emphasized. Concerning the goals set out in the development of an FRP and a BCP, a risk analysis based on the IT description of the company was carried out while giving evidence of the possibility of a lawsuit emanating from this risk. After identifying the risks, the paper goes on to name an example of legislation, which can be used against the company, in this case the Cookie law. Finally, the employee contract at the company needs to be studied with the aim of making a prospective employee be aware of these risks and know how to manage them without claiming ignorance. Question # 1 Forensic Readiness Planning Business Continuity Planning, and Their Testing Both forensic readiness planning and business continuity planning help a company in dealing with the effects of interruptions to their operations. Business continuity planning identifies the exposure of an organization to external and internal threats while synthesizing soft and hard assets to give the organization effective protection and recovery from these threats (Nelson, 2012, p. 23). It does this while maintaining the organization’s value system integrity and competitive advantage. A BCP acts as a roadmap on how to continue operations under adverse conditions. Forensic readiness planning, on the other hand, involves enabling an organization to have digital evidence available before the occurrence of an incident. Since digital evidence could be requested at any time in support of a formal process, an organization needs to have access to all evidence that supports its position in case such an occurrence takes place. While BCP encompasses an extensive range of threats to the organization’s operations, FRP is mainly concerned with the threat brought about by formal requests for digital evidence. An organization requires both an FRP and a BCP because they offer slightly different forms of protection to the company, both of which are vital and interdependent. Business continuity planning involves the development of a practical plan detailing how the organization will prepare for, while continuing to operate, a crisis or incident. The plan aids the organization to identify preventable risks, prepare for risks beyond its control, and respond to the occurrence of a risk. Forensic readiness planning deals specifically with the availability of the organization’s digital data if needed as evidence. It allows for the gathering of admissible evidence in a legal manner that does not interfere with business operations. FRP specifically prepares the organization for legal battles that may involve its digital data by gathering evidence on potential disputes and crimes that may impact it (Nelson, 2012, p. 25). Having both an FRP and a BCP increases the sense of security among the organization’s clients, personnel, suppliers, partners, investors, and vendors. When an organization plans for the occurrence of risks, these stakeholders can carry on with their duties with a sense of security. Planning allows the organization to consider the effects of interruptions to its operations while making priorities for the recovery process. It also helps the personnel learn what to do when interruption occurs, in order to minimize data loss and disruption. An organization’s FRP and BCP need to be tested often in order to enforce them and make adjustments. Most companies that practice these plans conduct bi-annual tests on them during which a mock ‘drill’ is performed for a specific risk. Over time, personnel may change, and the new staff requires to be initiated. Old staff also needs to be re-informed on the plans once in a while, with the most excellent method to do this being to visualize the situation. Changes in technology may prompt some adjustments during a mock exercise, and adjustments made during earlier testing being ratified as working and thus enforced (Nelson, 2012, p. 39). Question # 2 Risk Analysis Based on the scenario related to Walton’s Web Development Company and its IT description, with respect to its forensic readiness and business continuity objectives, there are several risks that face the company. The following is a risk analysis of the company with respect to BCP and FRP: One risk facing Walton is loss of governance. Because of Walton’s use of cloud infrastructure, the customer ultimately cedes control to the CP, or cloud provider, on various issues that could affect the company’s security and readiness for occurrence of risks. Since the company does not offer any commitment to give its clients this service, there is a gap left in security defenses. Another risk is lock-in, caused by the fact that there is very little on offer concerning procedures, tools, and standard data formats or interfaces of service that guarantee data, service portability, and application. This has the capability to make migration of data and services to another provider more difficult for the client. It also makes migration of services and data to an in-house Information Technology environment become difficult. Thus, dependency on particular cloud providers for the provision of service is introduced, especially if portability of data is not enabled. This is because portability of data is one of a web development company’s most fundamental aspects. Isolation failure is another risk to BCP and FRP. Shared resources and multi-tenancy are characters that define web development and cloud computing. The risk category covers mechanism failure in separating memory, storage, reputation among various clients, and even routing. It should, however, be considered that resource isolation mechanism attacks are less numerous with increased difficulty for any attacker to put in motion compared to traditional operation system attacks. By investing in complying with the risks, investment made to achieve certification may be risked via migration to a new system. If the service provider cannot give evidence of personal compliance with requirements deemed necessary or does not allow the client to perform an audit, then regulatory and standard requirements may be put at risk. In specific cases, use of public sound infrastructure gives the implication that various compliances are impossible to achieve. Management Interface Compromise is another risk involved in the implementation of FRP and BCP measures. Through the service provider’s customer management interface, it is possible to access data through the Internet while mediating access to larger resource sets, and thus, increase the risk, especially when combined with web browser vulnerabilities and remote access. Data Protection: web development poses various risks concerning data protection for service users and providers. It could be difficult for the service user, in his/ her role as controller of data, to check data handling practices of the service provider effectively and, thus, ensure that it is being handled lawfully. This problem is made worse in cases where there is multiple data transfer activity, such as between two service providers. It would be prudent for the company to provide data handling practice information while also offering certification summaries on the process of data processing and data security activities and controls of data that are in place. Incomplete or insecure data deletion: When a client makes a request aimed at deleting a cloud resource, this may result in wiping of data, just as happens with most operating systems. Timely or adequate deletion of data may be undesirable for the customer because extra data copies are stored but are unavailable, or because the disc to be destroyed also contains data collected from other clients. In this case, as there is multiple tenancy and hardware resources re-use, there is a higher risk to the customer as compared to dedicated hardware. The malicious insider is another risk to the service provider. While it is less likely to be a problem, compared to the risks already discussed, the damage it could cause is often greater than first imagined. The architecture of the service provider’s cloud service necessitates specific roles, which are a very high risk such as managed security service providers and CP system administrators. Question # 3 Legislation Affecting Walton Walton Web Development Company needs to be aware of the Cookie law that came into effect on 26th May 2011 in the UK. If a site is to use cookies, the EC directive regulations provide that specific information must be afforded to the visitors on the site and that his or her consent is necessary for the cookie placement (Nelson, 2012, p. 61). This regulation implemented 2009 E-Privacy Directive. The relevant rules are found in amended regulation six. Subject to the fourth paragraph, no one shall gain or store information, or get access to stored information in the user’s external equipment. The only way this information can be accessed is after the user has been provided with comprehensive and clear information regarding the purpose of access or storage of his or her information and gives their consent. Where there is the use of electronic communication networks by the same person for information access or storage in the user’s terminal equipment more than once, the user must be given the relevant information and give consent (Nelson, 2012, p. 92). Consent can be signified by a user who sets or amends their Internet browser’s controls, which they use or via the use of another program or application to signify their consent. Paragraph one of the regulations does not apply to technical access or access to information, aimed at carrying out communication transmission over a network of electronic communications or when this sort of storage is necessary for the provision of a service concerning information society, which the user has requested. The UK regulations mean that Walton website operators must never store information or access information in a user’s computer unless the subscriber has given them comprehensive and clear information regarding the purpose of access and storage, on top of waiting for the user’s consent (Nelson, 2012, p. 95). The requirement for consent was instituted to replace the earlier position that provided, for visitors, to have the option of refusing the cookies option. The only cookies that are not in need of consent are those necessary for the fulfillment of the user’s request. For example, this will cover the utilization of cookies to remember a client’s shopping cart as he or she moves through the website’s various pages. Other cookies such as those that seek to number the visitors to the Walton website and those that serve as advertising aids need consent before use. The term ‘consent’, while not defined in the 1998 Data Protection Act, is defined in the 1995 Data Protection Directive as all freely given information and specific indications of the user’s wishes (Nelson, 2012, p. 95). The Data Protection Act in the United Kingdom implemented this directive. The consent requirement has been subject to heated debate and discussion since publication of the E-Privacy Directive. The Article 29 Working Party, the UK Administration, and the IC office have all given opinions that are in conflict on how the requirement of consent will be put into practice. The government has opinions that differ on whether consent needs to be attained before placing the cookies. The Working Party claims that consent needs to be obtained prior to the placement of the cookies and/or any information stored in the subscriber’s terminal equipment is taken, normally referred to as prior consent. Informed consent is only obtainable if the user has been provided with prior information regarding the cookies sending and purpose. However, even with the suggestion of various methods of obtaining consent, the guidance stops short of giving definitive guidance on achievement of compliance, leaving it to organizations to review their cookie use and consider how necessary content may be obtained. Both the UK government and the ICO have not ruled out the use of browser settings to achieve future compliance. Most browser settings do not possess enough sophistication to allow the assumption of cookie use consent from the user. In addition, not every user employs a browser to visit the Walton site. A mobile device application may be used and thus, organizations such as Walton, which utilize cookies, have to gain consent in some other way. Question # 4 Clarifications and Revision of Employment Contract As a potential employee of the Walton Web Office, he/she should strive for clarification on several issues and revisions before signing the employment contract. Regarding clause EC3, the employee should seek to know whether the information that they store in the company’s database is retrievable in case they stop working for the company for one reason or another. It would also be prudent to ensure that one seeks clarification regarding what constitutes personal use of the office hardware equipment and whether the use of corporate laptops by non-office staff is considered wrong. Clarification on rule EC5 should also be sought in case of utilization of mobile browsers during the course of task completion. Since these devices are considered as personal devices, it would be prudent to seek clarification on whether information collected using these data also needs to be treated in the same way as it would be treated if collected using official equipment. If the data stored in personal devices were required during an investigation, what would be the criteria of retrieving these data? Knowing this will prevent a feeling of violation if the data are ever required. The potential employee also needs to seek clarification of EC6, which details that he or she needs to follow the policies of the company while also complying with any additional policies that the client may impose. However, it does not provide the course of action to be taken if the two stakeholders are in conflict. If the policies of the company would be in conflict with the client’s stated requirements, an employee would be in a tight spot, and it is fair that he or she acts to determine what they would need to do in such a scenario. The rule does not state whether the use of Walton Web Security on client sites should require the client to give consent before the installation of the Walton Web Security. References Nelson, B., 2012. Computer forensics and investigations. Boston: Thomson/Course Technology. Read More
Cite this document
  • APA
  • MLA
  • CHICAGO
(“Computer forensics and investigations Essay Example | Topics and Well Written Essays - 2000 words”, n.d.)
Computer forensics and investigations Essay Example | Topics and Well Written Essays - 2000 words. Retrieved from https://studentshare.org/information-technology/1456739-computer-forensics-and-investigations
(Computer Forensics and Investigations Essay Example | Topics and Well Written Essays - 2000 Words)
Computer Forensics and Investigations Essay Example | Topics and Well Written Essays - 2000 Words. https://studentshare.org/information-technology/1456739-computer-forensics-and-investigations.
“Computer Forensics and Investigations Essay Example | Topics and Well Written Essays - 2000 Words”, n.d. https://studentshare.org/information-technology/1456739-computer-forensics-and-investigations.
  • Cited: 1 times

CHECK THESE SAMPLES OF Computer Forensics and Investigations

Digital Forensic Laboratory

Digital forensics currently is among the most essential and fastest growing sections of crime laboratories and general investigations.... Specialized software for an in depth analyses of crime data, facility space and the trained personnel who will e operating the equipment's, and laboratory investigations (Jones et al, 2011).... This is normally done so as to improve future investigations (Vacca, 2010).... Digital forensics can be defined as the forensic investigation of electronic devices capable of storing data or information in one form or another....
3 Pages (750 words) Assignment

File System Analysis and Computers Forensics

This paper discusses the the employment of file system analysis in computer forensics, using file system analysis in different fields, as in Linux and others as well as the tools used in the file system analysis.... Employing File System Analysis in Computers Forensics computer forensics is part of numerical forensic science relating to legal indication that is found in the computers as well as digital storing means.... The indication from computer forensics inquiries is normally exposed to the similar rules and practices of other numerical indication and has been used in several cases....
5 Pages (1250 words) Research Paper

Organizations digital investigation process

hellip; The author explains that digital investigations for an organization differ to digital investigation for law enforcement because of the procedure adopted.... Digital investigations arise as a result of an occurrence suspected, attempted or actual in an organization....
5 Pages (1250 words) Essay

Electronic Media Education Tool

For instance; computer affects, internet and other facilities entailed in enhancing the opposite working of the electronic media as an education system.... This essay, Electronic Media Education Tool, stresses that electronic media education tool is highly indispensable on elevating standards of education amongst the older people....
5 Pages (1250 words) Essay

Role of Computer Forensics and Investigation Report in Criminology

From the paper "Role of computer forensics and Investigation Report in Criminology" it is clear that whole Disk Encryption is a process in which full contents of a hard drive are converted into unique codes.... he physical drive is another commonly used term in computer forensics.... In forensic investigations, slack space is usually examined because it contains residual information concerning any stored file.... As such, it is possible to collect information concerning deleted files in a computer system hence the relevance of slack space in digital forensics....
5 Pages (1250 words) Research Paper

Computer Forensics Assignment 2

Guide to Computer Forensics and Investigations.... It is computer forensics Assignment 2 computer forensics Assignment 2 Equipment and Software to Purchase A computer forensics lab shouldhave fundamental requirements for conducting investigation and ensuring safe storage of evidence.... computer forensics software package should form part of the software acquired (Nelson, Phillips & Steuart, 2009).... computer forensics: Investigation Procedures and Response....
2 Pages (500 words) Essay

Challenges in Mobile Forensic Technologies

esides problems in carrying out investigations on mobile devices, there are problems that have been associated with general digital forensics.... These differences bring about technical difficulties in mobile forensics.... The last challenge with mobile forensics is that there is not one specific software tools that are used in data extraction.... The acquisition and presentation of electronic evidence from desktop or laptop computers are surrounded by more technology-oriented difficulties than traditional forensics, which used to be based on paper....
5 Pages (1250 words) Essay

Virtual Machine Forensics

investigations that involve VMs are not different from the normal investigations.... In such investigations which incorporate the use of type 2 hypervisors, a forensic image is obtained from the host computer and the network logs (Steuart, Nelson & Phillips, 2009).... This essay "Virtual Machine forensics" presents virtual machines that are considered as mimicries of certain computer systems....
1 Pages (250 words) Essay
sponsored ads
We use cookies to create the best experience for you. Keep on browsing if you are OK with that, or find out how to manage cookies.
Contact Us