That's the word from Derek Street, product manager at SecureData Security. He says companies face a range of business risks around their data and IT infrastructure, including theft of intellectual property, white-collar crimes such as fraud, human resources violations, and employees using enterprise computers for illegal or immoral activities.
One of the enterprise's most effective tools against the risks of employees abusing corporate data and computers is offer them the certainty that they will be caught and punished for their actions. Companies therefore need to be able to uncover who was responsible for criminal acts or transgressions against corporate policy and provide solid evidence that can be used to prosecute them or dismiss them.
To address these challenges, companies should look for network-based forensics solutions that provide complete network visibility, and comprehensive, forensic-level analysis of servers and workstations anywhere on a network, Street adds. Such a solution should be able to securely investigate/analyse many machines simultaneously over the LAN/WAN at the disk and memory level without disrupting operations, causing downtime, or alerting the target that he or she is under investigation.
It should also as far as possible, automate time-consuming investigative processes, incident response and eDiscovery. These tools can provide detailed information across the lifecycle of a document, such as who accessed, created or edited a document, whether it was printed or emailed (and by who), and much more, often even if the user has deleted information in a bid to cover his or tracks.
One of the important things to look for in a forensics tool is a track record with courts and law enforcers around the world, proving its ability to acquire data in a forensically sound manner, says Street.
1 comment:
Thank you for the lovely post. I too agree with your points mentioned therein. Computer Forensics is the process of using the latest knowledge of science and technology with computer sciences to collect, analyze and present proofs to the criminal or civil courts. Network administrator and security staff administer and manage networks and information systems should have complete knowledge of computer forensics. The meaning of the word "forensics" is "to bring to the court". Forensics is the process which deals in finding evidence and recovering the data. The evidence includes many forms such as finger prints, DNA test or complete files on computer hard drives etc. The consistency and standardization of computer forensics across courts is not recognized strongly because it is new discipline.
Post a Comment