When unfortunate circumstances give rise to the dismissal, unexpected resignation or investigation of an employee, a series of automated responses engage as a precaution to mitigating risks.
Perhaps the most immediate and instinctive measures taken by Human Resource and Corporate Security are the retrieval of and denial of service to any and all corporate assets. This is especially true for network services, laptops, workstations and BlackBerry devices.
While due diligence may appear at this point to be reasonably satisfied, a large potential risk STILL exists! Surprisingly enough, little or no attention is ever paid to the actual contents of the computer assets. In many cases, user accounts are simply deleted and the computer is quickly put back into circulation.
- What steps does your organization take to verify that company secrets or client information have not been disclosed, accessed, altered or deleted?
- Are you not concerned about e-mail messages or Internet history activity that might reveal dialogue with key competitors or the exchange of confidential information?
- Did you know that computer forensics can recover deleted files which can date as far back as years?
- Did you also know that as much as 80-90% of a computer's hard drive is not accessible by the average user (including IT staff) and contains a wealth of information that may be easily recovered? Could this information be damaging to the organization in any way?
Computer forensics is the best means to recover essential information in a manner that not only conforms to the recognized rules of evidence, but ensures that corporate decision makers have all the facts before acting and that evidence will be accepted by a court of law. |
| It’s time to consider Computer Forensics as a top priority in any employee dismissal, resignation or investigation. Here are essential DO’s and DON’Ts that I.T. and corporate staff must know:
- DON'T ever peruse, remotely access or log onto the computer if it is on. This will change time stamps and overwrite data. More importantly, it will jeopardize the integrity and admissibility of evidence in court.
- DON’T power down the computer using the operating system. Simply unplug the power cord from the back of the box. For SERVER computers or virtual RAIDs do nothing. Call us!
- DON’T install or run software of any kind! Doing so will alter the drive.
- DO store the asset in a secure and dry location and maintain a continuity log along with detailed notes.
- DO mitigate risk from the onset by following the above steps.
- DO give us a call for an expert examination of the assets. We will prepare a comprehensive and court acceptable forensic report.
- DON'T delegate forensic responsibilities to untrained persons! Your company's financial position and reputation are at risk!
* Our computer forensic investigator is a former police officer that has been court qualified as an expert witness on numerous occasions and has over 17 years of criminal investigative experience. His experience and confidence in the courtroom has contributed to successful outcomes in every case to date.
|
CORPORATE SERVICES
