close
test_template

Maintaining Proper Computer Forensic Processes

Human-Written
download print

About this sample

About this sample

close
Human-Written

Words: 703 |

Pages: 2|

4 min read

Published: Nov 26, 2019

Words: 703|Pages: 2|4 min read

Published: Nov 26, 2019

Table of contents

  1. Four Major Forensic Processes
  2. Chain of Custody
    Six Main Reasons to Employ Forensics Protocols

When conducting a computer investigation, John Patzakis, a recognized authority on computer evidence admissibility and authentication in court, explains in his article Maintaining The Digital Chain of Custody that there are critical processes in computer forensics that should be remembered and followed. If they are not followed, the computer investigation is in jeopardy, because the court will not recognize that the subject data collected is a mirror image. When the subject data is suspect in not being a mirror image of the original, it is difficult to maintain who accessed the data last, what time stamps are valid, and what is the exact location of the subject media because it is not clear if it was the investigator or the suspect who manipulated the data. Patzakis talks about how the Sarbanes-Oxley Act (SOx) helped to encourage companies to preserve data for at least six years, with strict penalties for those companies that violate this law. In the aftermath of the Enron and Arthur Anderson accounting scandals, the SOx makes it clear that companies will be financially punished for destroying electronic records related to business emails, correspondence, financial records, whether sent or received, especially when an investigation or court proceeding occur.

Four Major Forensic Processes

The four major forensic processes that Patzakis recommends are physically controlling the crime scene, logging all the details about your actions and steps you made in the investigation, creating a mirror image of the subject data, creating a hash that verifies the authenticity of the mirror image, and logging all the details utilizing a recognized forensic software tool.

Chain of Custody

Logging all the details about the actions and steps relates to a proper chain of custody, or the documenting of who handled the evidence from the time of the discovery until it is presented in court (Hayes, 26). The chain of custody shows exactly where on the media the subject data is located and how it relates to the crime, who perpetrated it, and all the unauthorized actions. Even though there are many forensic software tools to record all the investigation details, it is the hard copy reports used in trials that correspond with the crime scene, describing in minute detail the events and times precisely when the crime was made. In today’s world where computers are used ubiquitously, companies are finding out that their employees who left the company may have performed either corporate espionage or unauthorized activities. Companies are making a mirror image of employee hard drives when they leave the company in case an investigation comes up later. Making a mirror image allows forensic professionals to “freeze time” in a snapshot for future storage. A snapshot protects them with regard to the SOx and limits their liability such as claims against them for evidence spoilation. Computer forensic software tools are vitally important in proving that an image is an exact copy of the original, by what is known as a “hashing” process in the MD5 algorithm.

Patzakis makes it clear that investigators have different levels of experience, but when following his four processes, the investigation is better likely to result in success. All persons involved in computer investigations should assume that they are involved in what will be presented in court because if they make one mistake, the investigation will be brought into question.

Get a custom paper now from our expert writers.

Six Main Reasons to Employ Forensics Protocols

The author highlights six main reasons to employ the above forensics protocols; namely for better enabling law enforcement investigations, allowing corporations to defend their interests, countering spoilage claims, limiting corporate liability, protecting corporate assets, and complying with commonly accepted best practices in privacy, and data integrity standards worldwide. I would add that when these protocols are employed, it would also help to exonerate an innocent individual with what is known as exculpatory evidence, or prove a civil liberty was violated (Hayes, 3). Moreover, another reason to employ the suggested forensics protocols would aid an organization in developing a Forensics Readiness Plan that is a proactive tool to help mitigate risk, overcome a computer incident involving a network intrusion, employee espionage, fraud, and sabotage. Having a Forensics Readiness Plan in place should be updated annually, evaluating lessons learned and incorporated in company audits (Sule, 2014).

Image of Alex Wood
This essay was reviewed by
Alex Wood

Cite this Essay

Maintaining Proper Computer Forensic Processes. (2019, November 26). GradesFixer. Retrieved November 13, 2024, from https://gradesfixer.com/free-essay-examples/maintaining-proper-computer-forensic-processes/
“Maintaining Proper Computer Forensic Processes.” GradesFixer, 26 Nov. 2019, gradesfixer.com/free-essay-examples/maintaining-proper-computer-forensic-processes/
Maintaining Proper Computer Forensic Processes. [online]. Available at: <https://gradesfixer.com/free-essay-examples/maintaining-proper-computer-forensic-processes/> [Accessed 13 Nov. 2024].
Maintaining Proper Computer Forensic Processes [Internet]. GradesFixer. 2019 Nov 26 [cited 2024 Nov 13]. Available from: https://gradesfixer.com/free-essay-examples/maintaining-proper-computer-forensic-processes/
copy
Keep in mind: This sample was shared by another student.
  • 450+ experts on 30 subjects ready to help
  • Custom essay delivered in as few as 3 hours
Write my essay

Still can’t find what you need?

Browse our vast selection of original essay samples, each expertly formatted and styled

close

Where do you want us to send this sample?

    By clicking “Continue”, you agree to our terms of service and privacy policy.

    close

    Be careful. This essay is not unique

    This essay was donated by a student and is likely to have been used and submitted before

    Download this Sample

    Free samples may contain mistakes and not unique parts

    close

    Sorry, we could not paraphrase this essay. Our professional writers can rewrite it and get you a unique paper.

    close

    Thanks!

    Please check your inbox.

    We can write you a custom essay that will follow your exact instructions and meet the deadlines. Let's fix your grades together!

    clock-banner-side

    Get Your
    Personalized Essay in 3 Hours or Less!

    exit-popup-close
    We can help you get a better grade and deliver your task on time!
    • Instructions Followed To The Letter
    • Deadlines Met At Every Stage
    • Unique And Plagiarism Free
    Order your paper now