Dealing With Computer Abuse Without Digging Bigger Holes!

Posted: Jun 10, 2009

When faced with staff accused of abusing computer systems, have you got adequate procedures for collecting, preserving and presenting the evidence?

It’s a fairly safe bet that, in the past, you will have had to take action against someone accused of a breach of company policy with respect to their use of the organisation's computer systems. There are two idioms that every corporate security officer lives by: "A backup is only as good as the last restore" and "Prevention is better than cure". In a perfect world there would be no computer failures, no lost data and certainly no abuse of computer systems. Unfortunately, we don't live in a perfect world and we have to face the very real prospect that corporate computer systems are woefully vulnerable to misuse and abuse.

"Computer abuse" is a phrase covering a multitude of sins, quite literally, from games playing to fraud, hacking and virus writing through inappropriate downloads and internet activity. The detection of such abuse falls squarely on the shoulders of the audit and security departments of any organisation, supported by adequate policy and procedures.

So, what exactly is "forensic auditing"? There are really two main components of the function, audit and computer forensics, which have the following primary aims:

  • Detection of potential abuse
  • Protection of the proof
  • Adducing qualified evidence
  • Presentation of the evidence

It may sound trite, but in order to detect abuse within computer systems you must be looking for the right things. This is where the audit role comes in. By using appropriate audit tools, combined with a strategy to suit the organisation which is backed by well-designed policy and procedures, it is remarkably easy to spot abuse of all kinds simply by viewing the audit data in the right way.

Most organisations fail to reap the true benefits of PC audit simply because they are focussed on the two gods of "asset management" and "corporate compliance". Using the right tools, the process of audit can reveal much more about an organisation than that. For example, while performing a PC audit it is possible to collect the contents of the internet browser cache found on all internet-ready machines. Using one of the many cache browsers available, it is then a simple task to review the copied data to establish potential transgressions of corporate internet policy.
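A sketch of that review step, as an added example that is not from the original article: it inventories a copied set of cache files, identifies images by file signature rather than by name (cache entries often carry no meaningful extension), and records a SHA-256 hash of each so the reviewed copy can later be shown to be unchanged. The function names, directory layout and sample files are constructed for illustration.

```python
import hashlib
import os
import tempfile

# Leading-byte signatures for common image formats.
SIGNATURES = [
    (b"\xff\xd8\xff", "jpeg"),
    (b"\x89PNG\r\n\x1a\n", "png"),
    (b"GIF87a", "gif"),
    (b"GIF89a", "gif"),
]

def sniff_image(header):
    """Return the image type indicated by the leading bytes, or None."""
    for magic, kind in SIGNATURES:
        if header.startswith(magic):
            return kind
    return None

def inventory_images(root):
    """Walk a copied audit directory and list image files by content."""
    rows = []
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            path = os.path.join(dirpath, name)
            with open(path, "rb") as fh:  # read-only: never alter collected data
                data = fh.read()
            kind = sniff_image(data[:8])
            if kind:
                rows.append({
                    "path": os.path.relpath(path, root),
                    "type": kind,
                    "size": len(data),
                    "sha256": hashlib.sha256(data).hexdigest(),
                })
    return sorted(rows, key=lambda r: r["path"])

def demo():
    """Inventory constructed sample cache entries written to a temp directory."""
    samples = {
        "f_0001a3": b"\xff\xd8\xff\xe0" + b"\x00" * 16,  # JPEG, no extension
        "banner.txt": b"GIF89a" + b"\x00" * 10,          # GIF, misleading name
        "index.html": b"<html></html>",                  # not an image
    }
    with tempfile.TemporaryDirectory() as root:
        for name, content in samples.items():
            with open(os.path.join(root, name), "wb") as fh:
                fh.write(content)
        return inventory_images(root)

if __name__ == "__main__":
    for row in demo():
        print(row)
```

Run it against a copy of the collected data, never the original machine, and keep the resulting hash list with the audit record.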

One such audit on 2000 computers took place with a view to establishing the presence of any "undesirable" image files. The results were shocking. Over 210,000 images were found, of which approximately 25% were questionable. Existing audit data that had been collected during a licence compliance audit was used, and the whole analysis added just 4 man days to the audit project.

From the client's perspective, this was a cost exercise, but one which was extremely valuable. In fact, not only were image files found, but also a range of undesirable software, including copies of PGP (Pretty Good Privacy) where it was not appropriate for encryption to be used, mobile phone cloning software, Sky card cracking software and much, much more!

What was even more surprising was the fact that not only did the above organisation have a reasonable security policy and working set of procedures in place, but they also believed that they had things under control.

While the above case serves to illustrate the "hidden" power and value of audit data, it also begs the question of what action to take if (or when) you are faced with the knowledge that there is serious abuse within your systems. This is where the forensics part of forensic auditing comes in.

Source: http://www.articlesbase.com/computer-forensics-articles/dealing-with-computer-abuse-without-digging-bigger-holes-964666.html