:s
IT forensics
IT forensics
Technology has made it easier for criminals to hide information about their crimes. Forensic analysis of electronic data has become a fundamental process in the investigation of fraud, money laundering activities and electronic data tampering. Our IT Forensic team takes a highly professional approach to uncover evidence while managing the situation to sustain public credibility of the organisation.
With our trained IT forensic professionals, our IT forensic services enable the organisation to:
- detect fraudulent or suspicious activities
- acquire, secure and preserve evidence
- improve incident management and response
What is "Live Forensics"?
Most IT departments must meet a certain level of performance and cannot afford to have systems off-line for any extended periods of time. The forensic-imaging of a single hard drive could take a full work day or more and that is assuming that the system can be shutdown. However, most systems have multiple hard drives. The traditional method of computer forensics may not be a viable option for you.
In order for you to meet your Service Level Agreement (SLA), we have created a process that can gather as much information from the compromised system(s) as possible, while the systems are running.
Our Services
- Incident Response
Incident response is an organised approach to addressing and managing the aftermath of a security breach or attack (also known as an incident). The goal is to handle the situation in a way that limits damage and reduces recovery time and costs. The response depends upon how the security team reacts, what they do to minimise damages, and when they restore resources, all the while ensuring data integrity.
- Electronic Data Discovery
e-Discovery or EDD, relates to locating responsive documents that are part of electronically stored information (ESI). The role of an electronic discovery expert or e-Discovery expert is to help bridge the gap between lawyers and information technology. - Evidence Preservation
Computer evidence can be found on computer hard drives, zip drives and floppy diskettes. Such evidence is fragile and can be easily destroyed in seconds through hazards such as electromagnets, planted destructive Trojan horse programs, etc. Other than destructive process and devices being planted by the suspect, potential evidence in the form of data fragments residing in spaces not viewable to users (e.g. file slack, erased files) can also be easily overwritten by something as simple as the rebooting of the system. As such, great care must be exercised when handling and acquiring evidence. - Data Recovery
Our state of the art lab facility and portable lab environments coupled with our certified and qualified investigator's expertise maximises your computer forensic data evidence in digital data litigation matters.
- Digital Forensics Analysis
Our research encompasses techniques we have adopted to successfully detect malicious objects in hidden and embedded data. The multi-stage forensics analysis process accurately present all data at a layer of abstraction and format that can be effectively used by our investigators to identify evidence. - Secure Electronic Data Room
A secure electronic data room is essentially a secure, segregated storage of sensitive and confidential data with controlled access. The data is made available via a website, to which controlled accesses are given to users using secure log-on on a restricted basis. Granted access can also be disabled anytime upon instruction from data owner. Digital rights management is applied to further limit the users’ ability to release the sensitive and confidential information to third parties through forwarding, copying or printing. In addition, system auditing is enabled on secure electronic data server for tracking and legal purposes.