| Computer Forensics – A Brief Description | | | | necessary |
| Computer Forensics is the function of utilising | | | | 2. Secure the ‘exhibit’. Don’t allow anyone |
| scientifically proven methods to assemble together and | | | | access to it, security seal it if possible |
| process data found on a digital device, (computer, hard | | | | 3. Contact a Computer Forensics Expert |
| disk drive, mobile phone, memory card etc), and | | | | What NOT to do if you suspect illegal or inappropriate |
| interpret that data for possible use in a court of law or | | | | activity on a computer or digital device: |
| other theatre of investigation. The evidence may assist | | | | 1. Call your IT manager, or one of your technical staff |
| in the prosecution or a criminal, help in the defence of | | | | 2. Get them to ‘see’ if the user has been |
| an accused person, or be of intelligence to an individual | | | | looking at ‘dodgy’ websites or if any important |
| who is seeking knowledge for either personal or | | | | files are missing |
| professional reasons. | | | | 3. Sack the member of staff |
| The main users of Computer Forensics are law | | | | The analogy of the above: |
| enforcement officers, as a large percentage of crimes | | | | Imaging a body lying in a muddy field. There is a |
| in some way utilise digitally stored data. This data could | | | | blanket over the body and something petruding from it. |
| be a phone call made on a mobile phone, (or cell | | | | By not following procedures, what you will have done |
| phone), which could place an individual at the scene of | | | | is the same as follows: |
| a crime, (or of course away from it), accounts for | | | | 1. See the body |
| illegal activities such as drug sales, images of | | | | 2. Walk up to the body in the field |
| paedophilia, human resource issues, hacking, email | | | | 3. Take the blanket off the body |
| abuse, unauthorised data duplication, IP theft etc. | | | | 4. Move the body to ‘have a look’ |
| Corporate organisations are utilising computer | | | | 5. Put the blanket back over the body – ‘like it |
| forensics more and more now as they often have to | | | | was before’ |
| investigate incidents such as inappropriate computer | | | | 6. Leave the field |
| use, inappropriate email use, unauthorised data | | | | What you have just done: |
| duplication and disloyal employees. Human Resource | | | | Entered the scene of a crime, left YOUR footprints all |
| departments and Internal Security are the biggest | | | | over the muddy field, left YOUR fingerprints on the |
| users of these specialist corporate services. Private | | | | body and blanket, left YOUR DNA all over the place. |
| individuals may also use these services. It may be the | | | | You then expect to call the relevant organisation |
| lover cheating on their partner, or inappropriate internet | | | | authority and have them try and find evidence, which |
| use by a family member. | | | | has just been tainted by YOU or YOUR STAFF. This |
| Computer Forensics or Cyber Forensics as it is also | | | | is not a good start, and could make the case in |
| known, is now taught at many colleges and universities | | | | question inadmissible. |
| around the world, and is available to both the law | | | | Remember that this is a very specialised service |
| enforcement community and private individuals. | | | | provided by experts. Use experts to do the job |
| What to do if you suspect illegal or inappropriate | | | | correctly in the first place, then there shouldn’t be a |
| activity on a computer or digital device: | | | | problem. |
| 1. Turn the power off – Pull the plug out if | | | | |