Computer Forensics, Information Security Management

Computer Forensics

Computer Forensics is the process of gathering digital data, analyzing it and generating final report which is admissible at legal forum. It is commonly used in crime scenes to identify the criminals, help out investigators and also to protect further crimes and frauds. Computer Forensics's objective is to perform a systematic investigation on digital data while maintaining evidences in a proper organized and documented manner. After analyzing the evidences forensic expert can find out what actually happened and how to prevent it in future.

Common Practices / Standard Procedures

  • Physically isolating the digital device
  • Digital Backup of digital device / storage media
  • Locking the subject device, so it can't be stolen or damaged
  • All investigation took place on digital copy to protect the original one

Usage of Computer Forensics

  • Intellectual Property theft Disputes
  • Industrial Spying
  • Employment disputes
  • Fraud and Crime investigations
  • Forgeries
  • Bankruptcy investigations
  • Inappropriate email and internet use in the work place
  • Regulatory compliance

Computer Forensics Tools

  • Disk Cloning and Data Imaging Tools
  • Known and Unknown Files Viewer
  • File contents analyzers
  • Operating System's registry analyzers
  • Internet activity monitors and analyzers
  • Email analyzers
  • Mobile devices analyzers
  • Data Recovery tools
  • Decryption tools (to recover encrypted files)
  • Database & Network forensics tools