StudentShare
Contact Us
Sign In / Sign Up for FREE
Search
Go to advanced search...
Free

Digital investigation in the organization - Essay Example

Cite this document
Summary
In the paper “Digital investigation in the organization” the author focuses on digital investigations as a continuous basis that ensures data and information to be always safe and secure and the processes that are employed to present this information…
Download full paper File format: .doc, available for editing
GRAB THE BEST PAPER96% of users find it useful
Digital investigation in the organization
Read Text Preview

Extract of sample "Digital investigation in the organization"

Digital investigation in the organization Forensic Digital investigation is often implemented or used after a serious computer crime or fraud has been perpetrated. Digital investigations is however important on a continuous basis and not on need basis, this ensures data and information is always safe and secure and the processes that are employed to manipulate and present this information are monitored. Digital investigation in essence may act as a form of system security and evaluation. On the other hand digital investigations for law enforcement is basically done to gather evidence and information to be used for legislation purposes. Many organizations are in a position to benefit more if they have the ability to gather and preserve digital evidence before an incident occurs and not after the incident has occurred(Robert, 2004). The digital investigation for law enforcement yields digital evidence, the evidence however may involve the use of enhanced system and staff monitoring, physical and procedural ways of securing data to a standard to be accepted as evidence and considered admissible. It also involves technical and appropriate legal advice to staff and employees(Peter, 2003). The law enforcement perspective of the digital forensic investigation tends to disregard what happens to the object or device before the decision is made whether to be accepted as evidence or not. In this context the evidence required is presented by the digital forensic investigation or not presented and therefore the suspect can neither be charged nor prosecuted. This investigation begins when a crime is committed and the investigator avails himself to the crime scene(Robert, 2004). However in the business context the investigation is done on a continuous basis in the form of emails, portable computers, logfiles, and telephone and network traffics among others. Since it is a continuous process, the evidence may be collected before a crime and the evidence used to the benefit of the organization(Robert, 2004). In the recent technological environment the digital investigations are mainly done by the computer forensics analyst. A computer forensic analysthas a vast knowledge in encryption, programming, data recovery, operating system management and computer security. Additionally they are conversant with evidence processing techniques and basic law enforcementfor CFAs in law enforcement field. Those with a bias on organization and business field will have knowledge on management, finance, economics and marketing(forensicanalyst.org, 2012). The role of the CFA The role of a CFA will vary depending on the area of interest however their roles will always include recovery of deleted emails, uncovering passwords and recovery of deleted or encrypted data. The data recovered is used as evidence by law enforcers with investigations and also may be used in court as evidence(forensicanalyst.org, 2012). The role of CFAs in the law enforcement field is to investigate and find evidence of any illegal act. This is achieved by examining personal computers and networks where crimes have been perpetrated. Their roles include recovering emails and photographs and other data and information that have been deleted from the hard drives and presenting them in court and acting as expert witnesses(forensicanalyst.org, 2012). In an organizational or business setting the computer forensic analyst is tasked with protecting systems and providing computer security in areas where attacks have previously been experienced, they also recover lost files and data from storage media, they also provide advice and training to employees and system users on how to handle data and information in a bid to strengthen data security and safety in the organization(Wolfe-Wilson & Wolfe, June 2003). The digital investigation process In order to progress effectively in the field of computer forensic and digital forensic investigation, the process must be presented in a manner that facilitates its implementation in the several organsiastion and in this case at the institution(Yasinsac & Manzano, 2001). The process is aimed at achieving the following goals and objectives(Wolfe-Wilson & Wolfe, June 2003): i) To gather and collect admissible evidence in a legal manner without interfering with business process. ii) Allow investigations to carry on at costs proportionate to the incident or crime perpetrated. iii) To gather evidence deemed to potentially cause crimes and disputes and that they may adversely impact on the institution. iv) Minimize the interruption to the institutions activities and processes. v) To gather admissible evidence legally and without interfering with business The digital forensic investigation process can be achieved by following a series of steps that are aimed at ensuring the evidence collected during the process of investigation are authentic and can be admissible in court as evidence(Robert, 2004). The process is guided by the following key activities in implementing the process: i) Definition of the scenarios that may need digital evidence: In this step the potential impact of a crime and activity is assessed, the vulnerabilities and the impacts it has on the institution. The need for the assessment helps in determining the requirement of the digital forensic investigation(Wolfe-Wilson & Wolfe, June 2003). ii) Identify available sources and different types of potential evidence. At this step the institution looks at the risks and the potential impacts from the system in the institution and determines what might happen to the potential evidence data. This step scopes what evidence may be available from all the systems and applications in the institution(Yasinsac & Manzano, 2001). Potential rich sources of the threats and crime evidence include emails this source of evidence requires adequate and meticulous consideration with regard to storage, auditing, archiving and retrieval. Others which are potential sources of evidence especially from the internet include instant messaging, chat and news rooms, social networks and media, and web based emails that by passes the corporate email. However an impediment to these potential sources of evidence is the data encryption of the traffic(Yasinsac & Manzano, 2001). iii) Determine the evidence collection requirement. At this point the institution is able to identify whether the identified sources of evidence in step two is able to provide evidences against crimes identified in step one of the process. the institution can then decide if there is more need for evidence collection from additional sources to solve particular crimes(Wolfe-Wilson & Wolfe, June 2003). iv) Establish a capability for securely gathering legally admissible evidence to meet the requirement. At this step of the process the institution decides which evidence is relevant to be used to solve potential risks and crimes in the institution within the budget. The determine evidence is then collected from reliable sources and documented and preserved as an authentic record (Peter, 2003). v) Establish a policy for secure storage and handling of potential evidence. The aim is to securely store the collected information for a long term perion to be used at a later date as evidence. A policy for secure storage and handling of potential evidence ensures that the evidence is easily retrieved when and where needed(Robert, 2004). vi) Ensure monitoring and auditing is targeted to detect and deter major incidents. This step is important since its aim is ensuring that the evidence collected is not only used as evidence for prosecution but also as a way of intrusion detection and monitoring technique(Wolfe-Wilson & Wolfe, June 2003). vii) Train staff in incident awareness, so that all those involved understand their role in the digital evidence process and the legal sensitivities of evidence(Robert, 2004). viii) Ensure legal review to facilitate action in response to the incident. In conclusion digital forensic investigation is the institutions capability to use digital evidence when and where required. Its main aim is to increase the institutions capability to gather and use digital evidence while minimizing the costs of particular investigations. In essence DFI complements existing mechanisms of computer and information security(Robert, 2004). References forensicanalyst.org. (2012). Computer Forensic Analyst. Retrieved November 26, 2012, from forensicanalyst.org: http://www.forensicanalyst.org/Computer-Forensic-Analyst.html Peter, S. (2003). A COMPREHENSIVE APPROACH TO DIGITAL INCIDENT INVESTIGATION . Elsevier. Robert, R. (2004). Process for Forensic Readiness. international Journal of Digital Evidence, 3 (4), 5 - 25. Wolfe-Wilson, J., & Wolfe, H. (June 2003). Management strategies for implementing forensic security measures. Yasinsac, A., & Manzano, Y. (2001). Policies to Enhance Computer and Network Forensics. 2001 IEEE Workshop on Information Assurance and Security. New York: West Point. Read More
Cite this document
  • APA
  • MLA
  • CHICAGO
(“Digital investigation in the organization Essay - 2”, n.d.)
Retrieved from https://studentshare.org/information-technology/1608891-digital-investigation-in-the-organisation
(Digital Investigation in the Organization Essay - 2)
https://studentshare.org/information-technology/1608891-digital-investigation-in-the-organisation.
“Digital Investigation in the Organization Essay - 2”, n.d. https://studentshare.org/information-technology/1608891-digital-investigation-in-the-organisation.
  • Cited: 0 times

CHECK THESE SAMPLES OF Digital investigation in the organization

Forensics with UNIX. Prepaid Cell Phones

The executive individuals in a corporation are supposed to have the capability of devising a corporate plan in the organization.... Therefore, this crisis is supposed to be managed appropriately in order to ensure a successful digital investigation.... According to this information, UNIX is a user-friendly system in digital investigation as compared to Microsoft Windows (Sommer 2012).... UNIX has become one of the well known system targets that have attracted digital investigation....
3 Pages (750 words) Essay

Developing the Corporate Strategy for Information Security

nbsp;  Example: Implementation of this function in the organization can be done through the utilization of risk assessment tools in order to depict potential risks to information security.... Accordingly, CISO needs to analyze the potential threats associated with various crucial information of the organization that might hamper the interests of the organization on the whole or that of its stakeholders (Whitman & Mattord, 2010; Homeland Security, 2007)....
6 Pages (1500 words) Assignment

Digital Culture Issues

On the other hand, the presentations illustrated unbundling and dynamic of self organization.... By this we can say that the presentations illustrated beyond doubt how technogenesis, unbundling and self organization is brought about in the process.... In the paper “digital Culture” the author investigates the problem of how the society is going to turn around and respond to their predicaments rather than reacting foolishly from the same....
3 Pages (750 words) Essay

Reports of Digital Investigations to Management

If directed to either the IT Manager or the organization's Chief Security Officer, they are extremely detailed.... Digital investigation reports which are forwarded to the organization's Legal Department are similar to those composed for the Finance and Accounting departments (Jones, Bejtlich and Rose, 2005).... Reports to ManagementDigital Investigations Reports addressed to management are, quite possibly, the most important of all the digital forensic reports prepared by the organization....
4 Pages (1000 words) Essay

Privacy and Digital Investigations

As the director of our legal department clarified, however, the organization's policies tend towards emphasis upon the inviolability of patients' privacy, as opposed to that of employees.... Therefore, upon the detection of suspicious computer incidents, the organization immediately launches a forensics/digital investigation which is fully compliant with a policy which has been jointly drawn up by both the legal and the IT departments.... This report will begin with a brief overview of privacy considerations, following which it will describe the organization's policy and highlight both its strengths and weaknesses....
5 Pages (1250 words) Essay

Technology in the US Government

This paper "Technology in the US Government" focuses on the fact that the Federal Bureau of investigation (FBI) is a US government agency with an international mandate of investigating federal crime, enhancing national security, enforcing federal laws, and bringing criminals to justice.... The Federal Bureau of investigation (FBI) is a US government agency attached to the Department of Justice with its headquarters in Edgar Hoover Building, Washington D....
8 Pages (2000 words) Term Paper

Validation of Forensic Tools and Software

The aim of the organization entails establishing methodologies for testing the effectiveness of the forensic tools.... For instance, the organization develops the tools specifications and test sets.... The results of the projects conducted by the organization help the tool users to improve their tools and make effective decisions.... the organization also has projects that help with the identification of reference data.... This organization conducts various projects in laboratories....
7 Pages (1750 words) Coursework

The process of investigating

"The Enhanced digital investigation Process Model.... “Volatools: Integrating Volatile Memory Forensics into the digital investigation Process.... The process of gathering adequate evidence always needs the highest level of organization and enthusiasm on the issues at hand in order to get the relevant evidence that can be used to make that just and fair judgment.... An ideal investigation process is comprehensive in a bid to figure out issues involved, thus leading to personal growth in a way of approaching issues....
2 Pages (500 words) Essay
sponsored ads
We use cookies to create the best experience for you. Keep on browsing if you are OK with that, or find out how to manage cookies.
Contact Us