Computer Forensics

Information leakage and crimes involving electronic misuse are growing rapidly; in addition evidence contamination is one of the biggest challenges for computer forensics experts and companies alike.

In house resources to cope with data misuse are being
stretched and, despite publication of best practice guidelines, procedures to deal with it are either not in place or not widely understood.

Information Leakage on The Increase

The rise in the number of incidents of information leakage and its developing sophistication is of particular concern. The full data trail left by computers and other electronic devices is usually inaccessible to even relatively sophisticated computer users, but the digital fingerprints can often be identified and interpreted by trained computer forensic staff.

Knowledgeable IT employee temptation to play detective can be overpowering, but ultimately detrimental to any investigation. Basic investigative tools can be obtained easily on the Internet, and many of the principles of how to recover deleted files are well known to IT professionals. However, recovering data in a way that meets the evidential requirements that have been set out by the courts is another matter altogether. Effective investigators also have a full range of tools including keyword searches, pattern recognition searches, file signature analysis, steganalysis and encryption detection.

All work is carried out to Association of Chief Police Officers (ACPO) guidelines for computer based electronic evidence and in a manner compatible with computer forensic investigation.