Dealing With Computer Abuse Without Digging Bigger Holes!

<h1>Dealing With Computer Abuse Without Digging Bigger Holes!</h1>Author: <a title="Elizabeth Sheldo" href="http://www.articlesbase.com/authors/elizabeth-sheldo/168155.htm">Elizabeth Sheldo</a> <h2>When faced with staff accused of abusing computer systems, have you got adequate procedures for collecting, preserving and presenting the evidence?</h2> It’s a fairly safe bet that, in the past, you will have had to take action against someone accused of a breach of company policy with respect to their use of the organisations computer systems. There are two idioms that every corporate security officer lives by: "A backup is only as good as the last restore" and "Prevention is better than cure". In a perfect world there would be no computer failures, no lost data and certainly no abuse of computer systems. Unfortunately, we don't live in a perfect world and we have to face the very real prospect that corporate computer systems are woefully vulnerable to misuse and abuse. "Computer abuse" is a phrase covering a multitude of sins, quite literally, from games playing to fraud, hacking and virus writing through inappropriate downloads and internet activity. The detection of such abuse falls squarely on the shoulders of the audit and security departments of any organisation, supported by adequate policy and procedures. So, what exactly is "forensic auditing"? There are really two main components of the function, audit and computer forensics, which have the following primary aims: <ul> <li>Detection of potential abuse</li> <li>Protection of the proof</li> <li>Adducing qualified evidence</li> <li>Presentation of the evidence</li> </ul> It may sound trite but in order to detect abuse within computer systems you must be looking for the right things. This where the audit role comes in. By using appropriate audit tools combined with a strategy to suit the organisation which is backed by well designed policy and procedures, it is remarkable easy to spot abuse of all kinds simply by viewing the audit data in the right way. Most organisations fail to reap the true benefits of PC audit simply because they are focussed on the two gods of "asset management" and "corporate compliance". Using the right tools, the process of audit can reveal much more about an organisation than that. For example, while performing a PC audit it is possible to collect the contents of the internet browser cache found on all internet ready machines. Using one of the many cache browsers available, it is then a simple task to review the copied data to establish potential transgressions of corporate internet policy. One such audit on 2000 computers took place with a view to establishing the presence of any "undesirable" image files. The results were shocking. Over 210,000 images were found, of which approximately 25% were questionable. Existing audit data was used, that had been collected during a licence compliance audit and the whole analysis added just 4 man days to the audit project. From the clients perspective, this was a cost exercise but one which was extremely valuable. In fact, not only image files found, but also a range of undesirable software including copies of PGP (Pretty Good Privacy) where it was not appropriate for encryption to be used, mobile phone cloning software, Sky card cracking software and much, much more! What was even more surprising was the fact that not only did the above organisation have a reasonable security policy and working set of procedures in place but they also believed that had things under control. While the above case serves to illustrate the "hidden" power and value of audit data, it also begs the question of what action to take if (or when) you are faced with the knowledge that there is serious abuse within your systems. This is where the forensics part of forensic auditing comes in.About the Author: Elizabeth Sheldon is a director of Evidence Talks, One of the most highly regarded <a href="http://www.evidencetalks.com/">computer forensics</a> consultancies in the UK, Evidence Talks lead the way with unique solutions to some of the problems faced by industry today. More information visit- <a href="http://www.evidencetalks.com/">evidencetalks.com</a>Article Source: <a href="http://www.articlesbase.com/">ArticlesBase.com</a> - <a href="http://www.articlesbase.com/computer-forensics-articles/dealing-with-computer-abuse-without-digging-bigger-holes-964666.html" title="Dealing With Computer Abuse Without Digging Bigger Holes!">Dealing With Computer Abuse Without Digging Bigger Holes!</a>

When faced with staff accused of abusing computer systems, have you got adequate procedures for collecting, preserving and presenting the evidence?

It’s a fairly safe bet that, in the past, you will have had to take action against someone accused of a breach of company policy with respect to their use of the organisations computer systems. There are two idioms that every corporate security officer lives by: "A backup is only as good as the last restore" and "Prevention is better than cure". In a perfect world there would be no computer failures, no lost data and certainly no abuse of computer systems. Unfortunately, we don't live in a perfect world and we have to face the very real prospect that corporate computer systems are woefully vulnerable to misuse and abuse.

"Computer abuse" is a phrase covering a multitude of sins, quite literally, from games playing to fraud, hacking and virus writing through inappropriate downloads and internet activity. The detection of such abuse falls squarely on the shoulders of the audit and security departments of any organisation, supported by adequate policy and procedures.

So, what exactly is "forensic auditing"? There are really two main components of the function, audit and computer forensics, which have the following primary aims:

Detection of potential abuse
Protection of the proof
Adducing qualified evidence
Presentation of the evidence

It may sound trite but in order to detect abuse within computer systems you must be looking for the right things. This where the audit role comes in. By using appropriate audit tools combined with a strategy to suit the organisation which is backed by well designed policy and procedures, it is remarkable easy to spot abuse of all kinds simply by viewing the audit data in the right way.

Most organisations fail to reap the true benefits of PC audit simply because they are focussed on the two gods of "asset management" and "corporate compliance". Using the right tools, the process of audit can reveal much more about an organisation than that. For example, while performing a PC audit it is possible to collect the contents of the internet browser cache found on all internet ready machines. Using one of the many cache browsers available, it is then a simple task to review the copied data to establish potential transgressions of corporate internet policy.

One such audit on 2000 computers took place with a view to establishing the presence of any "undesirable" image files. The results were shocking. Over 210,000 images were found, of which approximately 25% were questionable. Existing audit data was used, that had been collected during a licence compliance audit and the whole analysis added just 4 man days to the audit project.

From the clients perspective, this was a cost exercise but one which was extremely valuable. In fact, not only image files found, but also a range of undesirable software including copies of PGP (Pretty Good Privacy) where it was not appropriate for encryption to be used, mobile phone cloning software, Sky card cracking software and much, much more!

What was even more surprising was the fact that not only did the above organisation have a reasonable security policy and working set of procedures in place but they also believed that had things under control.

While the above case serves to illustrate the "hidden" power and value of audit data, it also begs the question of what action to take if (or when) you are faced with the knowledge that there is serious abuse within your systems. This is where the forensics part of forensic auditing comes in.

Elizabeth Sheldon is a director of Evidence Talks, One of the most highly regarded computer forensics consultancies in the UK, Evidence Talks lead the way with unique solutions to some of the problems faced by industry today. More information visit- evidencetalks.com

Rate this Article:

0 / 5 stars - 0 vote(s)

Re-Publish

Article Source: http://www.articlesbase.com/computer-forensics-articles/dealing-with-computer-abuse-without-digging-bigger-holes-964666.html

Related Videos
Related Articles
Ask / Related Q&A

Play

How to Install an Aqua Computer Radiator

Play

How to Make Your Computer Run Faster

Play

How To Buy Ram For Your Computer

Play

How To Set Up Multiple Monitors With One Computer

Play

How to Determine IT Audit Prices for Your IT Consultant Company

Latest Computer Forensics Articles
More from Elizabeth Sheldo

Unusual Wedding Gifts

By: bettypalmateerjh | 06/11/2009
Brides and grooms are making the things easier for their guests to select the gifts for their wedding ceremony. Some brides and grooms prepare a gift registry and leave for their guests to choose the items from their lists. But, some guests wish to give unusual gifts which would be loved and cherished by the couple forever rather than the usual decorative potholder or a frame etc. The selection of a suitable and unusual gift requires a little understanding about the couple’s nature and interest.

Grow Your Retail Business By Choosing The Right Pos Software

By: Gen Wright | 05/11/2009
Is your point of sale system holding your back? So many retailers are frustrated with their cash register or point of sale system or they are unaware of the opportunities they are missing each day.

Utilize the service of web hosting and web hosting network

By: Joey Smith | 05/11/2009
Webhosting awards and also the webhosting provider needs to be very precise about the information which they are sending across to their customers and also their variety of services they provide whether they are authentic or no.

Bluetooth mouse

By: miltoncholewagt | 28/10/2009
Now a days bluetooth mouse directly connecting to the computer with no aid of transceiver leaving the usb ports for many other devices. Such bluetooth mouse are quite precise an responsive which enables smoother tracking. This bluetooth mouse carries ambidextrous design as it makes the user to use them comforably in both ways. Not only this bluetooth mouse do have ergonomic design which helps in lessening discomfort while usign it for longer hours avoiding long term serious conditions.

Information About SPY

By: minniesemperjw | 23/10/2009
Spy is related to an individual finding information which is termedas secret and confidential without taking permission of holder who is responsible for holding the information. The spy is also known as espionage. Espionage is termed as clandestine which act as the main holder of the information .

Factors to Consider Before Buying a Printer

By: Gen Wright | 22/10/2009
Buying a printer is not an easy decision any more. Today, printing technology is very advanced, and there are many different types of printing solutions available.

Comparison Between HP Inks and Epson Inks

By: Gen Wright | 22/10/2009
When buying printers, it is important to consider the ink cartridges or toners because that is something you will be buying repeatedly. If the print quality isn't up to your expectation, you may find yourself stuck with an unsatisfactory printer.

A Review of the HP Officejet Pro 8000

By: Gen Wright | 22/10/2009
HP Officejet Pro 8000 is stiff competition against modern laser printers. The Officejet Pro 8000 is a color printer that has similar features to that of the HP Color LaserJet CP2025dn.

Top 10 Ways People Damage Evidence

By: Elizabeth Sheldo | 03/08/2009 | Security
Turning the computer on affects the swap file and registry as well as the list of most recently used documents. Investigating emails with an email client carries a host of potential dangers. Failing to either make a forensic image of the hard drives of staff when they leave, or replace the hard drive.

Protecting The Evidence

By: Elizabeth Sheldo | 10/06/2009 | Computer Forensics
In court cases, computer evidence can be dismissed if even the slightest doubt over it's veracity can be shown, making the process of adducing the evidence correctly vital to the success of otherwise of the case.

Evidentially Sound Advice

By: Elizabeth Sheldo | 10/06/2009 | Computer Forensics
The key role of computer forensics is the protection, adducing and presentation of evidence, in that order. In all abuse cases, protection of the evidence is both critical and central to the organisations ability to investigate and take action against the abuser.

Dealing With Computer Abuse Without Digging Bigger Holes!

By: Elizabeth Sheldo | 10/06/2009 | Computer Forensics
Existing audit data was used, that had been collected during a licence compliance audit and the whole analysis added just 4 man days to the audit project.

Customize Your Own T-Shirt From Promopays.Ca

By: Elizabeth Sheldo | 10/06/2009 | Customer Service
The screen printed t-shirts available at this company are made using state of the art techniques and break through technologies to deliver the customers promotional t-shirts of their choice.