A Greater Town : US : NY : New York : Computers & Electronics : Informational Technology — Information Technology

A Case for Computer Forensics Investigation

Information Technology

Updated on Mar 26, 2013

Edit post | View more like this | Visit New York, NY | Contact Cyber Data Risk Managers
A Case for Computer Forensics Investigation
by Christine Marciano, President, Cyber Data Risk Managers

As technology continues to evolve, employees are demanding greater flexibility and mobility, which in turn increases the risks of a data breach for small and midsized businesses (SMBs). With the many different mobile devices that are being used within the workplace today, there has never been a more critical time than now in which SMBs must manage their end-point security, both before and after a breach.

Solid end-point security prior to a breach is a critically important first step, as it could help avoid a costly forensics investigation in the first place. However, even with the best end-point security in place, data breaches can still happen. End-point security should consider forensic investigation, as well as protection, of the breadth of devices that connect to the network, including: mobile phones and other mobile communication devices, tablets, laptops, USBs, printers, PCs, notebooks, and email accounts and PCs that access the company network from home.

A forensics investigation, which is all about finding, acquiring, and preserving digital evidence, is an important step in post-breach activities. Since most SMBs don't have forensic expertise in-house, these smaller organizations should consider hiring a data privacy/security attorney and a computer forensics expert to help. These two professionals will help an SMB determine how and when the breach happened, what data was exposed, and whether or not the breach needs to be reported. Often, a computer forensics expert will be required to sift through thousands of files leading to a very time consuming, difficult, and expensive process.

An SMB should take the approach that assumes that they will be sued after their data breach happens, whether or not they actually are. Especially as it pertains to a forensics investigation, it's always best to preserve relevant data as a business can be found guilty without any evidence or it could help prove it acted in good faith.

The ongoing Apple vs. Samsung patent infringement case involves lots of digital evidence and is a perfect example of how not preserving relevant data can help or hurt a case. When a business fails to preserve digital evidence, it could be argued in court that it willfully and with conscious disregard failed to preserve evidence that would have supported a finding of bad faith or perhaps may have proved good faith on the company's part.

In the case with Apple vs. Samsung, Samsung failed to take appropriate steps to avoid the deletion of relevant emails in its patent infringement lawsuit with Apple. While Judge Grewal concluded that Samsung acted willfully and "with conscious disregard" of its email preservation obligations, he declared that the evidence did not support a finding of bad faith on Samsung's part. However, Judge Grewal ordered that the jury "may presume" both that the lost evidence would have been used at trial and that it would have been favorable to Apple.

This case is a perfect example of why forensics should be left to experienced professionals and why a business should avoid taking a do-it-yourself (DIY) approach. Lately, DIY forensics is being sought out by many SMBs due to the high cost of sorting through a large amount of data (a.k.a. big-data) that needs to be converted into relevant, usable digital evidence.

However, as it's often said, you get what you pay for. A botched computer forensics job, depending upon whether or not it can be fixed, could be quite costly and potentially cost an SMB up to 10 times more than doing it right the first time. Once a reputation is damaged, the cost of that can be much more substantial, so you want professionals working on your side, conducting a forensics investigation and at the same time helping to minimize the impact on your reputation and your business.

*Article originally appeared in http://www.point2security.com (8/15/12)


Christine Marciano
US toll free: 1 +855.CUT.RISK
Fax: 1 +732.709.1684
Twitter: @DataPrivacyRisk

goodideazs, LLC is not affiliated with the authors of this post nor is it responsible for its content, the accuracy and authenticity of which should be independently verified.

About | Advertise | Terms | Privacy | Contact A Greater Town

Top Business Listings | Banner Art Gallery | Blog | Seo Site Crawler

Copyright © 2007-2019 goodideazs, LLC. All rights reserved.