Posts Tagged ‘Data Triage’


Electronic Discovery Services

Sunday, February 27th, 2011

Electronic data discovery is a collection of huge chunks of data that is either lost due to some accident or deleted due to some reason. Such electronic data retrieved is used in litigation cases where electronic data is evidence.

Electronic document discovery services for law firms and corporate clients involved in litigation are no longer a matter of requesting printed copies of documents. New and extremely valuable data can be found in accounting systems, Email or databases if one knows where to look. This retrieval requires processing and review of large volumes of desperate data, many times eliminating the expense of converting irrelevant data.

Electronic discovery enables you to streamline e-discovery by providing a window into your case data before data processing and review. It helps you gain control and transparency by determining filtering guidelines.

Electronic data discovery includes retrieval of e-mails, voice mails, instant messages, e-calendars, audio files, data on handheld devices, animation, metadata, graphics, photographs, spreadsheets and other types of digital data. E-discovery can also be in the form offline discovery carried out on a particular computer for a particular case.

Computer forensics is an electronic data discovery service that includes the collection, preservation, analysis, and presentation of computer-related evidence. Computer evidence can be useful in criminal cases, civil disputes, and human resources/employment proceedings.

Computer forensics is a specialized form of e-discovery in which an investigation is carried out on the contents of the hard drive of a specific computer. After physically isolating the computer, investigators make a digital copy of the hard drive. Then the original computer is locked in a secure facility to maintain its pristine condition. All investigation is done on the digital copy.

When a case goes for trial, computer evidence can prove to vital for judges in making a decision. This can prove a reversal of the case entirely. Electronic discovery services are extremely useful when compared to traditional evidences and helps dig the smallest of evidences to alter a case.

Hard Drive Recovery Services

Thursday, February 17th, 2011

With the advent of technology there is a broad range of problems we encounter on a daily basis. The current trends allow us to store a huge amount of data in the form of files on computer hard drives. Hard drives have replaced the earlier cumbersome piles of papers that were susceptible to damage easily.

With hard drives on computers we can save humongous chunks of data that can be retrieved at an unimaginable speed. However, there is a possibility of this data being lost, the drive not accessible, the drive getting corrupt and other unexpected snags. Hard drives being the most valuable assets of a company should not be messed with.

If you chance to lose data due to a hard drive crash, a state of the art means by Data Triage Technologies assists you to recover data from corrupted drives. In the absence of back ups such data recovery is invaluable.

How is data retrieved?

Hard drive data recovery is the process of retrieving lost data from hard drive. This retrieval is due to the inaccessibility of data through normal recovery processes. Notwithstanding the fact that your hard drive has crashed or locked up for some reason, Data Triage has hard drive recovery services that can recover the data using a variety of hard drive data recovering techniques.

Why does a hard drive crash?

Reasons can be many when it comes to hard drive failures. One of the main reasons of a full blown hard drive crash can be attributed to a hardware issue. The hard drive is a magnetic disc that spins and has an extended arm that collects data from anywhere in the hard drive. If this arm fails to function or the motor overheats or stops spinning, then there is a possibility of your hard drive crashing resulting in an inability to access any data from all hard drive areas. Apart from this hardware issue, hard drive crashes can also be caused by corrupted registry files or system files. Viruses, Trojan horses, Adware and Spyware can also cause system file corruption leading to hard drive crash.

What is hard drive data recovery service?

Hard drive data recovery service is a service that has acquired a great deal of specialization today. The specialized hard drive recovery services can safely enter into any system, network, or data storage device to recover data and determine whether the data has been manipulated, deleted, destroyed or damaged. Depending on what data you need to recover, Data Triage experts can recover data, phrases, files, numbers or keywords. These services can also verify if any illegal use of proprietary information took place or when and how the data was accessed.

Data thus retrieved can be preserved and reproduced in a viewable format. This format saves your time and resources because retrievable data may not be in a format that could be easily viewable or comprehensible to you. Hard drive data recovery can also be done on data storage devices that have been destroyed by fire or flood.

Role of the Computer Forensics Expert Witness in the Litigation Process

Wednesday, September 22nd, 2010

Computer Forensics

Computer forensics are used in criminal investigation, civil litigation, hacking, embezzlement, industrial espionage, insurance fraud and law enforcement or Internet/company property abuse.

Computer forensics focuses on acquisition, restoration and analysis of digital data. In business world, computer forensics can be used to restore corrupted or lost data, resurrect outdated software environment, and analyze common security breach activities.

A Computer Forensics Expert

A computer forensics expert is an experienced personnel who can access a compromised computer, duplicate all files and directories and document all steps taken during the recovery and discovery process. A computer forensics expert is an experienced personnel who can maintain the integrity of data, preserving the chain of control and following a proven methodology of review. A computer forensics expert can track deleted files, hidden files, files created by the system such as an automatic backup of a document, or fragmented files that are scattered throughout the storage devices. A computer forensics expert is an experienced personnel who can document the location of electronic data, its nature, format and other identifiers.

A Computer Forensics Expert Witness

A computer forensics expert witness is an experienced personnel who is adept at handling the tools of computer forensics, resolving matters in corporates and litigation processes by contributing to the evidence pool, establishing truth for more efficient and rapid resolution, judgment or settlement. Digital data that is lost, stolen, deleted or otherwise manipulated can be of evidential value in a lawsuit.

Role of a Computer Forensics Expert Witness

A computer forensics expert witness plans strategies: The analytical and technical skill sets of a computer forensics expert witness provides attorneys with assistance at every step of the litigation process through discoverable and electronically stored information and the form in which it should be presented strategically.

A computer forensics expert witness assists counsel for plaintiff: The attorney for a plaintiff is entitled to all electronic information that is key to the litigation and he may request the electronic data to support his client’s claims. The computer forensics expert witness can brainstorm with the attorney and the client regarding all physical locations of the relevant and different forms of e-data. The computer forensics expert witness can also assist in determining if data wiping or encryption utilities were used.

The computer forensics expert witness assists the counsel for defendant:

  • The computer forensics expert witness confers with the client and his IT personnel attorney for the defendant to discuss how to maintain files during litigation and how to preserve and protect data
  • The computer forensics expert witness can assist in balancing privacy with evidence production by providing electronic discovery on behalf of their clients, including redacting proprietary or attorney/client privileged data
  • The computer forensics expert witness also assists his client’s IT professionals understand the legal requirements associated with preservation of electronic data
  • The computer forensics expert witness can attend “meet and confer” sessions.
  • The computer forensics expert witness suggests information to request with respect to backup procedures
  • The computer forensics expert witness provides assistance with wording for interrogation and requests for potential deposition questions for IT personnel
  • The computer forensics expert witness can determine where and how often the suspect had used the Internet if it is relevant to the case
  • The computer forensics expert witness restores and recovers deleted files
  • The computer forensics expert witness researches and determines if any dates have been altered
  • The computer forensics expert witness helps parties understand the scope and nature of electronic data collection, filters privileged data and assists in determining the extent of the data accessed

Analysis: The computer forensics expert witness researches analyzes the key words, documents or dates important to the litigation as an evidence to tampering and data deletion.

The computer forensics expert witness can offer testimony:

  • The computer forensics expert witness has the skills and experience to explain technical concepts and present mass amounts of data in a clear and understandable manner with respect to electronic evidence
  • The computer forensics expert witness can demonstrate the securely collected and preserved data as electronic evidence
  • The computer forensics expert witness needs to make sure the proper software is used as only a few software programs have been tested and approved by various courts as forensically sound and reliable
  • The computer forensics expert witness must also assure that he is employing accepted procedures including documenting the chain of custody of electronic data
  • The computer forensics expert witness must also assure that his overall ability to testify and demonstrate that the procedures he is employing is forensically sound
  • The computer forensics expert witness must be aware of the ethics of his profession and laws governing his testimony
  • The computer forensics expert witness should have reputable experience
  • The computer forensics expert witness must be able to withstand cross-examination

Data Triage Technologies offers Computer Forensics and Expert Witness Services to the legal communities in California and throughout the United States. Data Triage’s computer forensics experts identify, preserve and analyze potentially discoverable electronic evidence, while maintaining a cost effective approach throughout the process to support ongoing investigation. Let the professionals at Data Triage Technologies assist you in obtaining the evidence vital for winning your case!

Network Security Auditing

Wednesday, September 15th, 2010

The word audit brings a lot of scenes to your mind. A lot of unpleasantness is associated with this word. Network security audit does ring a bell of tax audit though in an altogether different sense. In the regular tax audit you can see people physically accessing your files and network security audit they crawl into the virtual world of computer network.

Network security auditing is an approach to auditing networks in order to ensure their safety. In the entire information systems audit framework, the audit of networks is one piece of a big puzzle. The other pieces of the puzzle are audits of application software, data base etc.

A Network Security Auditor’s job is to gather certain information and understanding of this information about the network to review in order to complete the audit of network security.

The first step in this Network Security Audit is to determine the expanse of the network. A typical way to do this is to examine the network diagram. This diagram shows all the routes available on the network. A Network Security Auditor had to ensure the accuracy of this diagram.

Businesses change and the network diagram needs to be updated with these changes. An auditor has to observe the processes that exist in the organization to update and maintain the diagram accurately. Concentration at particular areas in the network such as data centers where ERP servers are hosted, and the points from where these are accessed is of great importance to the auditor. Complex networks may have many hosting points where critical resources are located. Network diagram acts as an input on the types of devices and protocols used in the network. This input can be used as a referral throughout the audit.

Once a Network Security Auditor gets the pressing issues of key areas in the network he next moves to information about critical assets, systems and services that need to be secured. Key areas like enterprise systems consisting of ERPs, mail servers and other internal applications, web servers that host applications accessed by customers and vendors and the network and its components. Hence, security and access mechanism surrounding applications and servers also needs to be strong.

The Network Security Auditor then assesses who all have access to the network and for what reasons they access. If any employees access the network from outside the office or if any customers and vendors access the systems? Is the network accessed via Internet or is there a remote access mechanism? The Network Security Auditor finds answers to these question which have a strong impact on network security.

After examining all accesses and modes of access, the auditor next moves to the network’s connections with external networks. The auditor can press this examination in the first step itself by analyzing the diagram. However, a sincere auditor should treat this separately. An external network has its own threats on the network security of a company. Internet is accessed in companies for various purposes depending on the nature of the job performed. The simplest may be browsing sites or reading and dispatching mails by employees. On a sophisticated scale some companies’ business is dependent on e-commerce websites through which the companies establish their business and exchange information with other companies. Hence there are sensitive points through which information parts enters and leaves a company.

Now that the Network Security Auditor has the knowledge of the systems accessed internally and those externally, he can determine where to install firewalls and intrusion detection systems. To ensure internal security, the gateways of the external networks should be secured. Threats from outside are checked first and then threats from inside and a plan to enhance security can be put in place. The Network Security Audit can now offer protection mechanisms by evaluating their effectiveness and adequacy.

www.DataTriage.com, a leading expert in Computer Forensics, Network Forensic Analysis, Network Security Auditing and Network Vulnerability Services.